2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
Hi,
You probably have an authentication / authorization issue when coming via SDK and boto3. It's well explained here: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html
I personally use the env vars AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY when working with Python SDK.
To see under which identity you currently run, just place a call to boto3 STS get_caller_identity()
Best,
Didier
0
Here is a way to troubleshoot the issue
- Install AWS CLI
- Run this command in your terminal or cmd
aws configure
- Enter your IAM user credentials and the default AWS region
- Test any of s3 commands in CLI. Eg.
aws s3 ls
If the above command listed the buckets there's no issue with IAM user permissions. It's an issue with the code or the package.
답변함 2달 전
관련 콘텐츠
- 질문됨 8달 전
AWS 공식업데이트됨 2년 전- AWS 공식업데이트됨 2년 전
I've re-tried using environment variables (was using credential file previously), but no luck. I can see that the user is as expected when doing
get_caller_identity(). The access key, again, does log that it was last used a few minutes ago to access S3, but I received the same AccessDenied message when trying any action.By the way, what kind of code are you trying to access? If there is no problem with the IAM authentication information, I think there may be a problem with the way the code is written.
Another thing to explore: is the IAM user corresponding to AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in active state from IAM perspective? Seehttps://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor-view-data.html to see when your user last came and if it is active (IAM may deactivate it after some time: I had it for myself recently)