1. 首頁
  2. 問答
  3. IAM憑據錯誤404

IAM憑據錯誤404

2013-09-27 43 views
2

在us-east-1的ec2實例上運行時,我無法讓boto使用IAM進行身份驗證。 AMI是最近的亞馬遜Linux。IAM憑據錯誤404

$ python 
Python 2.6.8 (unknown, Mar 14 2013, 09:31:22) 
[GCC 4.6.2 20111027 (Red Hat 4.6.2-2)] on linux2 
Type "help", "copyright", "credits" or "license" for more information. 
>>> import boto 
>>> boto.__version__ 
'2.13.3' 
>>> c = boto.connect_s3() 
Traceback (most recent call last): 
    File "<stdin>", line 1, in <module> 
    File "/usr/lib/python2.6/site-packages/boto/__init__.py", line 135, in connect_s3 
    return S3Connection(aws_access_key_id, aws_secret_access_key, **kwargs) 
    File "/usr/lib/python2.6/site-packages/boto/s3/connection.py", line 174, in __init__ 
    validate_certs=validate_certs) 
    File "/usr/lib/python2.6/site-packages/boto/connection.py", line 557, in __init__ 
    host, config, self.provider, self._required_auth_capability()) 
    File "/usr/lib/python2.6/site-packages/boto/auth.py", line 728, in get_auth_handler 
    'Check your credentials' % (len(names), str(names))) 
boto.exception.NoAuthHandlerFound: No handler was ready to authenticate. 1 handlers were checked. ['HmacAuthV1Handler'] Check your credentials

感謝https://github.com/boto/boto/pull/1175我能夠獲得更多信息。顯然它試圖使用IAM,但是失敗。

>>> import os 
>>> boto.set_stream_logger('boto') 
>>> c = boto.connect_s3() 
2013-09-26 21:52:11,685 boto [DEBUG]:Retrieving credentials from metadata server. 
2013-09-26 21:52:11,688 boto [ERROR]:Caught exception reading instance data 
Traceback (most recent call last): 
    File "/usr/lib/python2.6/site-packages/boto/utils.py", line 211, in retry_url 
    r = opener.open(req) 
    File "/usr/lib64/python2.6/urllib2.py", line 397, in open 
    response = meth(req, response) 
    File "/usr/lib64/python2.6/urllib2.py", line 510, in http_response 
    'http', request, response, code, msg, hdrs) 
    File "/usr/lib64/python2.6/urllib2.py", line 435, in error 
    return self._call_chain(*args) 
    File "/usr/lib64/python2.6/urllib2.py", line 369, in _call_chain 
    result = func(*args) 
    File "/usr/lib64/python2.6/urllib2.py", line 518, in http_error_default 
    raise HTTPError(req.get_full_url(), code, msg, hdrs, fp) 
HTTPError: HTTP Error 404: Not Found 
2013-09-26 21:52:11,725 boto [ERROR]:Unable to read instance data, giving up

快速tcpdump的同意:博託連接到instance-data.ec2.internalGET /latest/meta-data/iam/security-credentials/,然後接收404 Not Found。這似乎是第一個也是唯一的HTTP請求。到目前爲止,我還沒有找到任何類似問題的報告,但也許boto應該在該GET請求路徑末尾提供一個角色名稱?

有人看到我在做什麼錯了嗎?我該如何調試這個問題?

來源

2013-09-27 mblakele

回答

2 
boto.exception.NoAuthHandlerFound: [...] Check your credentials

當您使用IAM,你必須確保你有足夠的權限,S3,即通過在用戶安裝該策略Amazon S3 Full Access

來源

2014-01-16 12:36:55 andpei

+0

感謝您的想法。我不再有權訪問有問題的IAM帳戶,但這聽起來似乎合理。 IAM賬戶能夠在AWS控制檯中完成我所需的一切,但boto可能需要額外的權限纔有意義。 – mblakele

相關問題

 相關問題