aws / aws-nitro-enclaves-sdk-c

This repo provides a C API for AWS Nitro Enclaves, including a KMS SDK that integrates it with attestation.
Apache License 2.0

what is the equivalent method of "get credentials" (about kmstool-instance) in cli? #101

Closed raindust closed 1 year ago

raindust commented 1 year ago

I want to get credentials like https://github.com/aws/aws-nitro-enclaves-sdk-c/blob/main/bin/kmstool-instance/main.c#L151-L216 in the console or with the "aws cli". If I use "curl http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance" to get credentials using the metadata service and send them to "kmstool-enclave-cli" inside the enclave, it fails with the following error:

{"__type":"UnrecognizedClientException","message":"The security token included in the request is invalid"}

Can I use the metadata service in https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-categories.html, or the aws cli, to get an equivalent of it?

raindust commented 1 year ago

We finally decided to use https://docs.rs/aws-config/0.54.1/aws_config/default_provider/credentials/struct.DefaultCredentialsChain.html.