我已经通过亚马逊网络控制台生成了ssh密钥。但是如何使用它来创建胶水开发者端点?
请考虑以下代码段:
IAMRole:
Type: "AWS::IAM::Role"
DeletionPolicy: "Delete"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Principal:
Service: "glue.amazonaws.com"
action: "sts:AssumeRole"
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/AmazonS3Fullaccess"
- "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
MaxSessionDuration: 3600
Path: "/role/"
# PermissionsBoundary: String
# Policies: Json
RoleName: "GlueDevEndpoint"
GlueDevEndpoint:
Type: AWS::Glue::DevEndpoint
DeletionPolicy: "Delete"
Properties:
EndpointName: MyEndpointName
GlueVersion: "1.0"
NumberOfNodes: 2
PublicKey: >
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "imported-openssh-key"
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
---- END SSH2 PUBLIC KEY ----
RoleArn: !Getatt IAMRole.Arn
我遇到错误:
An error occurred: GlueDevEndpoint - Invalid SSH RSA public key. ssh-keygen -t rsa -C "your_email@example.com" (Service: AWSGlue; Status Code: 400; Error Code: InvalidInputException.
我尝试放入以下内容:
-
从AWS控制台下载了
-
pem
文件。 - 通过腻子提取公共/私人关键部件并使用它们
- 通过以下命令提取公钥: openssl rsa -in my-key.pem -pubout> my-key.pubrsa
- 通过以下命令提取公钥: ssh-keygen -y -f my-key.pem> my-key2.pubrsa
从所有这些文件中放入内容会导致相同的错误。我认为应该生成公钥以具有类似
-----BEGIN RSA PUBLIC KEY-----
,但之前的所有方法都为我提供了具有不同标题的公共密钥:
-----BEGIN RSA PRIVATE KEY-----
,---- BEGIN SSH2 PUBLIC KEY ----
,-----BEGIN PUBLIC KEY-----
有什么想法吗?