我目前正在尝试访问虚拟机内的 Amazon S3 并下载如下文件:
s3 = boto3.resource('s3',
aws_access_key_id="xxxxxxxxxxx",
aws_secret_access_key="xxxxxxxxxxxxxxxxx")
s3client = boto3.client('s3')
bucket = s3.Bucket('bucketone')
for obj in bucket.objects.all():
s3client.download_file(bucket_name, obj.key, filename)
但我得到了错误:
botocore.exceptions.ClientError: An error occurred (InvalidAccessKeyId) when calling the ListObjects operation: The AWS Access Key Id you provided does not exist in our records.
我可能做错了什么?我检查了我的
aws_access_key_id
和 aws_secret_access_key
多次,但仍然得到相同的错误。相同的代码在本地,但不在虚拟机上,实际上也可以在不同的计算机上运行。我必须在 key 中进行硬编码是有原因的。
最佳答案
Boto3 用户 当心
TL;博士
如果您使用临时凭证通过 Boto3 连接到 AWS 服务,则必须包含当前的 aws_session_token
作为您的boto3.session.Session
的参数实例。
from boto3.session import Session
# Ideally this is picked up your ENV.
id_ = "<id>"
secret = "<secret>"
token = "token"
session = Session(
aws_access_key_id=id_,
aws_secret_access_key=secret,
aws_session_token=token,
region_name='<region>'
)
# Test it on a service (yours may be different)
s3 = session.resource('s3')
# Print out bucket names
for bucket in s3.buckets.all():
print(bucket.name)
解释当您在 Boto3 中测试凭据时,这是一条至关重要的信息:
您收到的错误可能会这样说,
ClientError: An error occurred (InvalidAccessKeyId) when calling the ListBuckets operation: The AWS Access Key Id you provided does not exist in our records.
但可能意味着您缺少
aws_session_token
如果您使用的是临时凭证(在我的情况下,是基于角色的凭证)。根据 AWS 文档,这些是
boto3.session.Session
可用的参数。对象,但是,在 Boto3 中没有任何指示或说明:Parameters
aws_access_key_id (string) -- AWS access key ID
aws_secret_access_key (string) -- AWS secret access key
aws_session_token (string) -- AWS temporary session token
region_name (string) -- Default region when creating new connections
botocore_session (botocore.session.Session) -- Use this Botocore session instead of creating a new default one.
profile_name (string) -- The name of a profile to use. If not given, then the default profile is used.
关于aws_session_token
Specifies an AWS session token used as part of the credentials to authenticate the user. A session token is required only if you manually specify temporary security credentials.
资源
关于amazon-web-services - Boto3 错误 : The AWS Access Key Id you provided does not exist in our records,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43907689/