Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Running boto3 from a python script executed in CodeBuild

0

To put it very simple i have a python script that i expect to run in CodeBuild. Python script uses boto3 and when it gets executed i get an error stating i have no credentials.

response = self.client.get_parameters(Names=parameters, WithDecryption=with_decryption)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/client.py", line 530, in _api_call\n    return self._make_api_call(operation_name, kwargs)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/client.py", line 943, in _make_api_call\n    http, parsed_response = self._make_request(\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/client.py", line 966, in _make_request\n    return self._endpoint.make_request(operation_model, request_dict)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/endpoint.py", line 119, in make_request\n    return self._send_request(request_dict, operation_model)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/endpoint.py", line 198, in _send_request\n    request = self.create_request(request_dict, operation_model)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/endpoint.py", line 134, in create_request\n    self._event_emitter.emit(\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/hooks.py", line 412, in emit\n    return self._emitter.emit(aliased_event_name, **kwargs)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/hooks.py", line 256, in emit\n    return self._emit(event_name, kwargs)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/hooks.py", line 239, in _emit\n    response = handler(**kwargs)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/signers.py", line 105, in handler\n    return self.sign(operation_name, request)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/signers.py", line 189, in sign\n    auth.add_auth(request)\n","  File "/codebuild/output/src702091068/src/.tox/cloud/lib/python3.9/site-packages/botocore/auth.py", line 418, in add_auth\n    raise NoCredentialsError()\n","botocore.exceptions.NoCredentialsError: Unable to locate credentials\n"]

The service i intend to access from CodeBuild system is in fact SSM Parameter Store. I've already granted permissions in the CodeBuild Service Role but i'm not quite sure why i keep getting NoCredentials.

If i run the script locally it all works fine.

Argomenti
Strumenti per sviluppatoriDevOps
Tag
AWS CodeBuildCI/CD ToolsDevOps
Lingua
English
KhayaTKD
posta un anno fa684 visualizzazioni
3 Risposte
2

Take a look at this: Error: "Unable to locate credentials".

profile pictureAWS
ESPERTO
kentrad
con risposta un anno fa
1

I wrote a python script to upload to AWS using boto3 and when I turn on debug level logging for boto3 and botocore, it shows where it's looking for credentials and what the result is. I'm not sure this will help or not. If you need an example of that, I can post the relevant code here.

jschwar313
con risposta un anno fa
1

If you only need to access a SSM parameter store parameter, you can use buildspec env section to get the parameter store as an environment variable.

Please refer https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store for more details.

AWS
Junseong_J
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente