Python Boto3 MFA 在不通过 RoleArn 的情况下与 Access_Key_Id、Access_Key、Session_Token 和 MFA 建立连接
Python Boto3 MFA making connection with Access_Key_Id, Access_Key, Session_Token and MFA, without passing RoleArn
我们可以使用 python Boto3 建立 AWS 连接来列出和获取具有临时会话的对象,并且仅使用以下内容吗?并且没有通过 RoleArn?
_AWS_ACCESS_KEY_ID,
_AWS_SECRET_ACCESS_KEY,
_AWS_SESSION_TOKEN,
MFA 代码
我只有低于临时会话,我应该如何通过它,因为我没有 roleArn
我也检查了 post
但所有人都在使用 roleArn 。
由 运行 此代码工作,它不需要 RoleArn
import boto
from boto.s3.connection import S3Connection
from boto.sts import STSConnection
# Prompt for MFA time-based one-time password (TOTP)
mfa_TOTP = raw_input("Enter the MFA code: ")
# The calls to AWS STS GetSessionToken must be signed with the access key ID and secret
# access key of an IAM user. The credentials can be in environment variables or in
# a configuration file and will be discovered automatically
# by the STSConnection() function. For more information, see the Python SDK
# documentation: http://boto.readthedocs.org/en/latest/boto_config_tut.html
sts_connection = STSConnection()
# Use the appropriate device ID (serial number for hardware device or ARN for virtual device).
# Replace ACCOUNT-NUMBER-WITHOUT-HYPHENS and MFA-DEVICE-ID with appropriate values.
tempCredentials = sts_connection.get_session_token(
duration=3600,
mfa_serial_number="®ion-arn;iam::ACCOUNT-NUMBER-WITHOUT-HYPHENS:mfa/MFA-DEVICE-ID",
mfa_token=mfa_TOTP
)
# Use the temporary credentials to list the contents of an S3 bucket
s3_connection = S3Connection(
aws_access_key_id=tempCredentials.access_key,
aws_secret_access_key=tempCredentials.secret_key,
security_token=tempCredentials.session_token
)
# Replace BUCKET-NAME with an appropriate value.
bucket = s3_connection.get_bucket(bucket_name="BUCKET-NAME")
objectlist = bucket.list()
for obj in objectlist:
print obj.name
我们可以使用 python Boto3 建立 AWS 连接来列出和获取具有临时会话的对象,并且仅使用以下内容吗?并且没有通过 RoleArn?
_AWS_ACCESS_KEY_ID,
_AWS_SECRET_ACCESS_KEY,
_AWS_SESSION_TOKEN,
MFA 代码
我只有低于临时会话,我应该如何通过它,因为我没有 roleArn
我也检查了 post
由 运行 此代码工作,它不需要 RoleArn
import boto
from boto.s3.connection import S3Connection
from boto.sts import STSConnection
# Prompt for MFA time-based one-time password (TOTP)
mfa_TOTP = raw_input("Enter the MFA code: ")
# The calls to AWS STS GetSessionToken must be signed with the access key ID and secret
# access key of an IAM user. The credentials can be in environment variables or in
# a configuration file and will be discovered automatically
# by the STSConnection() function. For more information, see the Python SDK
# documentation: http://boto.readthedocs.org/en/latest/boto_config_tut.html
sts_connection = STSConnection()
# Use the appropriate device ID (serial number for hardware device or ARN for virtual device).
# Replace ACCOUNT-NUMBER-WITHOUT-HYPHENS and MFA-DEVICE-ID with appropriate values.
tempCredentials = sts_connection.get_session_token(
duration=3600,
mfa_serial_number="®ion-arn;iam::ACCOUNT-NUMBER-WITHOUT-HYPHENS:mfa/MFA-DEVICE-ID",
mfa_token=mfa_TOTP
)
# Use the temporary credentials to list the contents of an S3 bucket
s3_connection = S3Connection(
aws_access_key_id=tempCredentials.access_key,
aws_secret_access_key=tempCredentials.secret_key,
security_token=tempCredentials.session_token
)
# Replace BUCKET-NAME with an appropriate value.
bucket = s3_connection.get_bucket(bucket_name="BUCKET-NAME")
objectlist = bucket.list()
for obj in objectlist:
print obj.name