Error when adding permissions to an Amazon SNS topic when using the .NET libraries
https://stackoverflow.com/questions/4061836
-
27-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
When attempting to add permissions to an Amazon SNS topic using the AWS SDK for .NET/1.1.0.1 using code similar to the following:
AddPermissionRequest request = new AddPermissionRequest()
.WithActionNames(new[] { "Publish" })
.WithAWSAccountIds(new[] { "xxx" })
.WithLabel("PrincipleAllowControl")
.WithTopicArn(resourceName);
client.AddPermission(request);
The following error message is returned:
<ErrorResponse xmlns=" http://sns.amazonaws.com/doc/2010-03-31/">
<Error>
<Type>Sender</Type>
<Code>ValidationError</Code>
<Message>2 validation errors detected: Value null at 'actionName' failed to satisfy constraint: Member must not be null; Value null at 'aWSAccountId' failed to satisfy constraint: Member must not be null</Message>
</Error>
<RequestId>45054159-e46b-11df-9b30-693941920fe7</RequestId>
</ErrorResponse>
해결책
Update - This has been resolved in the latest version of the .NET API so anyone still encountering this problem should upgrade to the 1.1.1 version of the API.
Took me awhile to figure out what was going on and I ended up having to use the HTTP version of the clients as well as Wireshark to watch what was happening, but it appears that there is a bug in AWS SDK for .NET/1.1.0.1. When I wrote a similar function using the AWS SDK for Java things proved to work fine, the following is a small block of that code:
AddPermissionRequest permissionRequest = new AddPermissionRequest()
.withActionNames("Publish")
.withAWSAccountIds("xxx")
.withLabel("PrincipleAllowControl")
.withTopicArn(resourceName);
client.addPermission(permissionRequest);
Watching what was happening via Wireshark turned up the following, with some minor censoring and editing for clarity:
POST / HTTP/1.1 Content-Type: application/x-www-form-urlencoded; charset=utf-8 User-Agent: AWS Java SDK-1.0.14 Host: sns.us-east-1.amazonaws.com Content-Length: 419 Action=AddPermission& SignatureMethod=HmacSHA256& Label=PrincipleAllowControl& ActionName.member.1=Publish& AWSAccessKeyId=xxx& Version=2010-03-31& AWSAccountId.member.1=xxx& SignatureVersion=2& TopicArn=arn%3Aaws%3Asns%3Aus-east-1%3A589983072084%3Axxx& Timestamp=2010-10-31T02%3A10%3A10.833Z& Signature=Bq09wa2vF1levQGcQZWVaix3UG7Mxlq2JCk4znEYHAM%3D POST / HTTP/1.1 User-Agent: AWS SDK for .NET/1.1.0.1 Content-Type: application/x-www-form-urlencoded; charset=utf-8 Host: sns.us-east-1.amazonaws.com Content-Length: 422 Action=AddPermission& TopicArn=arn%3Aaws%3Asns%3Aus-east-1%3A589983072084%3Axxx& Label=PrincipleAllowControl& AWSAccountIds.member.1=xxx& ActionNames.member.1=Publish& AWSAccessKeyId=xxx& SignatureVersion=2& SignatureMethod=HmacSHA256& Timestamp=2010-10-30T21%3A18%3A39.753Z& Version=2010-03-31& Signature=m9OvL1v91eurDa5QYP9gwrd2crdtssHsDFonFny3frU%3D
As you can see, the AWS SDK for .NET is making a call using AWSAccountIds and ActionNames as opposed to AWSAccountId and ActionName used by the AWS Java SDK which explains the error message that was returned.
For now there doesn't appear to be much that can be done about it short of not using the command in .NET applications and writing your own code to make the call. With any luck this will be fixed in an update to the SDK.
