Geek Answers Handbook

How can I cure DynamoDB AWS Java SDK invocation, resulting in an ExpiredTokenException?

I have a long AWS Java SDK DynamoDB application that behaves normally when I run it. However, after a certain number of hours (about 12), I get the same Exception again and again with ANY DynamoDB API call. If I restart the server, the Exception will disappear ... only to reappear later.

The exact text of the error is ExpiredTokenException :
The security identifier included in the request has expired (Service: AmazonDynamoDBv2; Status code: 400; Error code: ExpiredTokenException ; Request identifier: DEMTN0Q5BMPH5IQD9TUQMNO5SFVV4KQNSO5AEMVJF66Q9ASUAAJG)

+5
source share
1 answer

Summary:
Pass an instance of AWSCredentialsProvider (as opposed to AWSCredentials ) to the AmazonDynamoDBClient constructor, as this allows you to automatically update expired AWSCredentials (if a specific AWSCredentialsProvider implemented update functionality), which is the case with all standard AWS provided).

Details:
To resolve the AWS Java SDK DynamoDB associated with an ExpiredTokenException that starts with the prefix "The security identifier included in the request has expired (Service: AmazonDynamoDBv2; Status code: 400; Error code: ExpiredTokenException; Request identifier: ...", you must change your code to provide an AWSCredentialsProvider instance (and stop using the AWSCredentials instance — that is, without the Supplier suffix) to the AmazonDynamoDBClient constructor. By AmazonDynamoDBClient instance to the AWSCredentialsProvider , you enable it to “automatically update credentials” if / when AWSCredentials expires AWSCredentials (which I found in this AWS forum that requires account access).

To provide an explicit example in code, here is a generalization of what code ExpiredTokenException an ExpiredTokenException :

 AWSCredentialsProvider aWSCredentialsProvider = new SystemPropertiesCredentialsProvider(); //the above line may be substituted for any valid //*Provider implementation AWSCredentials aWSCredentials = aWSCredentialsProvider.getCredentials(); AmazonDynamoDBClient amazonDynamoDBClient = new AmazonDynamoDBClient(aWSCredentials); ... amazonDynamoDBClient.listTables(); //the above line is where the ExpiredTokenException is eventually thrown

And here is a generalization of the code that ExpiredTokenException :

 AWSCredentialsProvider aWSCredentialsProvider = new SystemPropertiesCredentialsProvider(); //substitute the above line for any valid *Provider implementation AmazonDynamoDBClient amazonDynamoDBClient = new AmazonDynamoDBClient(aWSCredentialsProvider); //the above line is now passing an instance of AWSCredentialsProvider //as opposed to AWSCredentials ... amazonDynamoDBClient.listTables(); //the above line is now enabled, via the AWSCredentialsProvider, to //automatically refresh the AWSCredentials if/when they have expired

Considering how much I went up all the Java Javadocs Java-SDKs and their examples (on which I based most of my own codes), I never noticed that this particular nuance caused. Hence the very detailed answer that I provide to those who follow me (which will probably include me, LOL).

+10
source

More articles:


All Articles