我正在尝试创建SNS平台应用程序并通过使用AWS开发工具包(Java)为其启用交付状态功能。首先,我创建必要的角色“ SNSSuccessFeedback”和“ SNSFailureFeedback”。示例代码(Groovy):
AmazonIdentityManagementClient aimClient = getAimClient(/*credentials*/)
// create "SNSSuccessFeedback" role:
aimClient.createRole(new CreateRoleRequest().withRoleName("SNSSuccessFeedback")
.withAssumeRolePolicyDocument('{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"sns.amazonaws.com"},"Action":"sts:AssumeRole"}]}'))
aimClient.putRolePolicy(new PutRolePolicyRequest().withRoleName("SNSSuccessFeedback")
.withPolicyName("oneClick_SNSSuccessFeedback_1234567890")
.withPolicyDocument('{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents","logs:PutMetricFilter","logs:PutRetentionPolicy"],"Resource":["*"]}]}'))
// the same code for "SNSFailureFeedback" role
// get ARN for both "SNSSuccessFeedback" and "SNSFailureFeedback"
// create platform application:
AmazonSNSClient snsClient = getSnsClient(/*credentials*/)
snsClient.createPlatformApplication(new CreatePlatformApplicationRequest()
.withName("myapp")
.withPlatform("APNS")
.withAttributes([PlatformPrincipal: "certificate", PlatformCredential: "key",
SuccessFeedbackRoleArn: successRoleArn, FailureFeedbackRoleArn: failureRoleArn,
SuccessFeedbackSampleRate: "100"]))
但是由于某种原因我得到了错误:
参数无效:属性原因:属性值无效:FailureFeedbackRoleArn:arn:aws:iam :: 1234567890:role / SNSFailureFeedback不是允许SNS写入Cloudwatch日志的有效角色(服务:AmazonSNS;状态代码:400;错误代码:InvalidParameter;请求ID:c1dbd591-f044-584a-bbac-85fa9a0cbe8d)
如果我仅在角色创建之后和平台应用程序创建之前添加延迟(例如Thread.sleep(5000)),那么平台应用程序将成功创建而不会出现错误。
那么,创建启用了交付状态的角色和平台应用程序的正确方法是什么?
最佳答案
创建角色时,您将遇到最终的一致性。时间延迟使角色有时间对下一个API请求“可见”。您可以枚举IAM角色,以查看所需的角色是否“可见”,而不是任意的时间延迟。
关于java - 无法创建具有交付状态属性的SNS平台应用程序,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/39821447/