【发布时间】:2020-10-02 23:38:47
【问题描述】:
我正在工作流中的 python 中运行 rundeck 作业以启动实例。我收到ap-south-1 区域的以下 boto3 异常
Regions are: ['ap-south-1']
10:13:58 Traceback (most recent call last):
10:13:58 File "/var/lib/rundeck/pyscripts/rundeck_refactored_code/aws_zabbix/workflow_start.py", line 115, in <module>
10:13:58 start_instance()
10:13:58 File "/var/lib/rundeck/pyscripts/rundeck_refactored_code/aws_zabbix/workflow_start.py", line 80, in start_instance
10:13:58 res_inst = ec2.describe_instances(Filters=[{'Name': 'network-interface.addresses.private-ip-address', 'Values': [sys.argv[2]]}])
10:13:58 File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 316, in _api_call
10:13:58 return self._make_api_call(operation_name, kwargs)
10:13:58 File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 635, in _make_api_call
10:13:58 raise error_class(parsed_response, operation_name)
10:13:58 botocore.exceptions.ClientError: An error occurred (AuthFailure) when calling the DescribeInstances operation: AWS was not able to validate the provided access credentials
10:13:58 Failed: NonZeroResultCode: Result code was 1
我正在使用密钥引擎从 AWS 授权访问密钥和密钥并定义了已定义的策略文档
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:RebootInstances",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
...
在 Centos7 上使用 python 3.6.8。 boto3==1.14.20
根据question的回答。
一段时间后,我从虚拟机主机尝试了相同的脚本,而不是 rundeck,脚本成功执行,没有任何错误。 请求 AWS 专家或遇到此问题的人调查此问题。
围绕错误的代码是:
for region in regions:
ec2 = boto3.client('ec2',region_name=region,aws_access_key_id=access_key, aws_secret_access_key=secret_key)
res_inst = ec2.describe_instances(Filters=[{'Name': 'network-interface.addresses.private-ip-address', 'Values': [sys.argv[2]]}])
我有从秘密引擎检索到的访问密钥和秘密密钥
【问题讨论】:
-
嗨!也许这是相关的:stackoverflow.com/a/43675610/10426011
-
您能否进一步分享您的代码
ec2 = boto3.client('ec2')或类似的东西?这会影响您使用 AWS 进行授权的方式 -
@Leondkr 我添加了您要求的支持代码
标签: python-3.x amazon-web-services amazon-ec2 boto3 rundeck