Reputation: 23
I am trying to connect to Amazon Kendra to query already created datasource, I am getting some unmarshall error from SDK
Here is the code snippet :
String strIndexRole = "arn:aws:iam::<my acct no>:role/Kendra-CloudwatchRole";
AWSSecurityTokenService stsClient = AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(new DefaultAWSCredentialsProviderChain())
.withEndpointConfiguration(new EndpointConfiguration("console.aws.amazon.com/kendra/home?region=us-east-1", "us-east-1"))
.build();
AssumeRoleRequest roleRequest = new AssumeRoleRequest()
.withRoleArn(strIndexRole).withDurationSeconds(7200);
AssumeRoleResult roleResponse = stsClient.assumeRole(roleRequest);
This is the exception:
15:38:30.301 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://console.aws.amazon.com:443][total available: 1; route allocated: 1 of 50; total allocated: 1 of 50] Exception in thread "main" com.amazonaws.SdkClientException: Unable to unmarshall response (ParseError at [row,col]:[19,24] Message: The reference to entity "state" must end with the ';' delimiter.). Response Code: 200, Response Text: OK at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleResponse(AmazonHttpClient.java:1750) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleSuccessResponse(AmazonHttpClient.java:1446) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1368) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1145) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:802) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:770) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:744) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:704) at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:686) at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:550) at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:530) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.doInvoke(AWSSecurityTokenServiceClient.java:1719) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1686) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1675) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.executeAssumeRole(AWSSecurityTokenServiceClient.java:589) at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRole(AWSSecurityTokenServiceClient.java:561) at com.aws.kendra.trial.SampleKendraTrial.main(SampleKendraTrial.java:73) Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[19,24] Message: The reference to entity "state" must end with the ';' delimiter. at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.next(XMLStreamReaderImpl.java:604) at com.sun.xml.internal.stream.XMLEventReaderImpl.peek(XMLEventReaderImpl.java:276) at com.amazonaws.transform.StaxUnmarshallerContext.nextEvent(StaxUnmarshallerContext.java:220) at com.amazonaws.services.securitytoken.model.transform.AssumeRoleResultStaxUnmarshaller.unmarshall(AssumeRoleResultStaxUnmarshaller.java:40) at com.amazonaws.services.securitytoken.model.transform.AssumeRoleResultStaxUnmarshaller.unmarshall(AssumeRoleResultStaxUnmarshaller.java:28) at com.amazonaws.http.StaxResponseHandler.handle(StaxResponseHandler.java:106) at com.amazonaws.http.StaxResponseHandler.handle(StaxResponseHandler.java:42) at com.amazonaws.http.response.AwsResponseHandlerAdapter.handle(AwsResponseHandlerAdapter.java:69) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleResponse(AmazonHttpClient.java:1726) ... 16 more
Upvotes: 0
Views: 992
Answers (1)
Reputation: 7964
I think part of the problem you have here is the way you are configuring your AWSSecurityTokenService. This problem is also indicated by following line in exception stack trace that you have posted above.
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRole(AWSSecurityTokenServiceClient.java:561)
Please refer this on how to assume an IAM role, get temporary credentials and invoke an AWS Service (here S3 is the AWS Service being called using temporary credentials) in Java. You can use the same concept to invoke Kendra APIs. From the above example you can take a clue on how to build BasicSessionCredentials and use that to build KendraClient (similar to how AmazonS3 client was built using AmazonS3ClientBuilder in above example). Once you have built KendraClient, you can refer to this example on how to query your Kendra index.
Upvotes: 0
Related Questions
- Error when running application - "|WARN|Fail to retrieve token com.amazonaws.SdkClientException: Failed to connect to service endpoint:"
- EndpointConnectionError: Could not connect to the endpoint URL: "https://secretsmanager.eu-west-1.amazonaws.com/"
- AWS SDK is throwing SdkClientException
- com.amazonaws.SdkClientException : Unable to execute HTTP request: sts.amazonaws.com in GetSessionToken
- Getting Issue in Java Connecting SP-API Using Java SDK sellingpartner-api-aa-java
- java.lang.NoSuchMethodError: com.amazonaws.protocol.json.JsonErrorShapeMetadata.withExceptionUnmarshaller
- User: x is not authorized to perform: (sts:DecodeAuthorizationMessage)`
- Why this error? Connect to sts.amazonaws.com:443 [sts.amazonaws.com/54.239.29.25] failed: connect timed out: com.amazonaws.SdkClientException
- AWS Kendra sdk call will not return results
- how to use credentials generated by logging via saml2aws in amazon kendra?