Serveral implemented services seems to return errors in a format that AWS Java SDK 2 can't handle
code-and-such opened this issue · comments
TLDR/Summary
It seems like a number of the implemented services return responses with errors that the AWS Java SDK v2 clients can't/won't parse.
Moto places many errors in ErrorResponse.Errors[].Error
and the SDK expects one error, at ErrorResponse.Error
The reason I say "a number of services" is that I've reported an error like this for SES, and now encountered exactly the same thing in IAM.
Comparing a moto response and an AWS response:
Moto:
<?xml version="1.0" encoding="UTF-8"?>
<ErrorResponse>
<Errors>
<Error>
<Code>InvalidParameterValue</Code>
<Message><![CDATA[Value ({"Version": "2012-10-17","Statement": [{"Effect": "Allow","Action": ["ses:SendRawEmail","ses:SendEmail"],"Resource": "*"}]}) for parameter PermissionsBoundary is invalid.]]></Message>
</Error>
</Errors>
<RequestId>uVSbWjsjxHXHgOz6bM0K4QqKE3vMn6D5U0KWe2nG0z9pbfJn32Q8</RequestId>
</ErrorResponse>
AWS:
<ErrorResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
<Error>
<Type>Sender</Type>
<Code>ValidationError</Code>
<Message>1 validation error detected: Value 'non-existing' at 'roleArn' failed to satisfy constraint: Member must have length greater than or equal to 20</Message>
</Error>
<RequestId>a77221e6-f9fa-41a5-9b84-ccdeb7c2b0da</RequestId>
</ErrorResponse>
Versions:
Moto image version motoserver/moto:5.0.6
Java SDK version: 2.25.40
Notes
It's worth pointing out that all AWS v2 clients I've seen so far use a common library to parse errors (and a bunch more). It's thus likely that most (all?) services will return errors in this format.
Like mentioned I use the AWS v2 clients. That is information is sent in the user agent header and it is possible that the server acts on that, and use a different response format. But I haven't confirmed this. Just a thought.
Refs:
The issue I reported on SES:
#7339
Hi @code-and-such, can you share an example call that fails for you? I've just tested it out with the get_role
-method, and the exception that we throw there is handled just fine by the Java SDK:
GetRoleRequest getRequest = GetRoleRequest.builder().roleName("unknown").build();
try {
iam.getRole(getRequest);
assertTrue("This should fail, as the rolename is invalid", false);
} catch (NoSuchEntityException e) {
assertTrue(e.getMessage().contains("Role unknown not found"));
}
Closing this, as there's not much we can do without a reproducible example.