Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others


python - How is one supposed to pass an MFA token to work with boto3 clients?

I'm in a new role and learning about boto3. While I am familiar with some AWS concepts, such as how to deploy EC2 instances and set up groups, I'm still learning about IAM roles. My goal in my current project is to be able to automate EC2 deployments to our dev account. My first hurdle is trying to understand how to first connect to the dev account in boto3. My intent with this script is to list the objects I have in my S3 bucket.

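    import boto3


    mfa_TOTP = input("Enter the MFA code: ")  # current code from the MFA device

    client = boto3.client('sts')

    response = client.assume_role(
        RoleArn='arn:aws:iam::[BLANKED_OUT]:role/IAM_user',
        RoleSessionName='mysession',
        DurationSeconds=3600,
        SerialNumber='arn:aws:iam::[BLANKED_OUT]:mfa/user1',
        TokenCode=mfa_TOTP,
    )

    # assume_role returns a dict; build a session from its temporary credentials
    creds = response['Credentials']
    session = boto3.Session(
        aws_access_key_id=creds['AccessKeyId'],
        aws_secret_access_key=creds['SecretAccessKey'],
        aws_session_token=creds['SessionToken'],
    )

    s3 = session.resource('s3')
    bucket = s3.Bucket('bucket1')
    # print the key of every object in the bucket
    for obj in bucket.objects.all():
        print(obj.key)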

When I do this I get a few errors:

Traceback (most recent call last):
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connection.py", line 169, in _new_conn
    conn = connection.create_connection(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\util\connection.py", line 73, in create_connection
    for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\socket.py", line 953, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno 11001] getaddrinfo failed

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\httpsession.py", line 254, in send
    urllib_response = conn.urlopen(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connectionpool.py", line 755, in urlopen
    retries = retries.increment(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\util\retry.py", line 506, in increment
    raise six.reraise(type(error), error, _stacktrace)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\packages\six.py", line 735, in reraise
    raise value
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connectionpool.py", line 699, in urlopen
    httplib_response = self._make_request(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connectionpool.py", line 382, in _make_request
    self._validate_conn(conn)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connectionpool.py", line 1010, in _validate_conn
    conn.connect()
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connection.py", line 353, in connect
    conn = self._new_conn()
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\urllib3-1.26.2-py3.9.egg\urllib3\connection.py", line 181, in _new_conn
    raise NewConnectionError(
urllib3.exceptions.NewConnectionError: <botocore.awsrequest.AWSHTTPSConnection object at 0x0000022C379A8C40>: Failed to establish a new connection: [Errno 11001] getaddrinfo failed

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\linux_scratch\s3_query.py", line 8, in <module>
    response = client.assume_role(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\client.py", line 357, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\client.py", line 662, in _make_api_call
    http, parsed_response = self._make_request(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\client.py", line 682, in _make_request
    return self._endpoint.make_request(operation_model, request_dict)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\endpoint.py", line 102, in make_request
    return self._send_request(request_dict, operation_model)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\endpoint.py", line 136, in _send_request
    while self._needs_retry(attempts, operation_model, request_dict,
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\endpoint.py", line 253, in _needs_retry
    responses = self._event_emitter.emit(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\hooks.py", line 356, in emit
    return self._emitter.emit(aliased_event_name, **kwargs)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\hooks.py", line 228, in emit
    return self._emit(event_name, kwargs)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\hooks.py", line 211, in _emit
    response = handler(**kwargs)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\retryhandler.py", line 183, in __call__
    if self._checker(attempts, response, caught_exception):
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\retryhandler.py", line 250, in __call__
    should_retry = self._should_retry(attempt_number, response,
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\retryhandler.py", line 277, in _should_retry
    return self._checker(attempt_number, response, caught_exception)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\retryhandler.py", line 316, in __call__
    checker_response = checker(attempt_number, response,
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\retryhandler.py", line 222, in __call__
    return self._check_caught_exception(
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\retryhandler.py", line 359, in _check_caught_exception
    raise caught_exception
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\endpoint.py", line 200, in _do_get_response
    http_response = self._send(request)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\endpoint.py", line 269, in _send
    return self.http_session.send(request)
  File "C:\Users\[user]\AppData\Local\Programs\Python\Python39\lib\site-packages\botocore-1.19.46-py3.9.egg\botocore\httpsession.py", line 283, in send
    raise EndpointConnectionError(endpoint_url=request.url, error=e)
botocore.exceptions.EndpointConnectionError: Could not connect to the endpoint URL: "https://sts.us-east-1a.amazonaws.com/"

Any help to better understand this error and how to proceed forward would be very helpful.

question from:https://stackoverflow.com/questions/65646692/how-is-one-supposed-to-pass-an-mfa-token-to-work-with-boto3-clients
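
The endpoint in the last traceback line, `https://sts.us-east-1a.amazonaws.com/`, is built from `us-east-1a`, which is an Availability Zone name rather than a region name, so the hostname does not resolve and `getaddrinfo` fails before the MFA code is ever sent. The following is an added example, not part of the original post: it strips an Availability Zone suffix from the region, passes the region explicitly, and builds a session from the temporary credentials that `assume_role` returns. `normalize_region`, `session_kwargs`, `list_bucket_keys` and `SAMPLE` are hypothetical names, and it assumes the region reached boto3 from local configuration, since the script sets none.

```python
import re

# An Availability Zone name is a region name plus one letter, e.g. "us-east-1a".
_AZ = re.compile(r"^([a-z]{2}(?:-[a-z]+)+-\d+)[a-z]$")
_REGION = re.compile(r"^[a-z]{2}(?:-[a-z]+)+-\d+$")

# Constructed sample shaped like an assume_role response (placeholder values).
SAMPLE = {"Credentials": {"AccessKeyId": "ASIAEXAMPLE", "SecretAccessKey": "x",
                          "SessionToken": "y"}}


def normalize_region(value):
    """Return a region name, stripping an Availability Zone letter if present."""
    value = value.strip().lower()
    az = _AZ.match(value)
    if az:
        return az.group(1)
    if _REGION.match(value):
        return value
    raise ValueError(f"not an AWS region name: {value!r}")


def session_kwargs(assume_role_response, region):
    """Map an sts.assume_role() response to boto3.Session keyword arguments."""
    creds = assume_role_response["Credentials"]
    return {
        "aws_access_key_id": creds["AccessKeyId"],
        "aws_secret_access_key": creds["SecretAccessKey"],
        "aws_session_token": creds["SessionToken"],
        "region_name": normalize_region(region),
    }


def list_bucket_keys(role_arn, mfa_serial, token_code, bucket, region):
    """Assume the role with MFA, then list object keys with the role's credentials."""
    import boto3  # imported here so the helpers above work without boto3 installed

    region = normalize_region(region)
    sts = boto3.client("sts", region_name=region)
    response = sts.assume_role(
        RoleArn=role_arn,
        RoleSessionName="mysession",
        DurationSeconds=3600,
        SerialNumber=mfa_serial,
        TokenCode=token_code,
    )
    session = boto3.Session(**session_kwargs(response, region))
    return [obj.key for obj in session.resource("s3").Bucket(bucket).objects.all()]
```

The temporary credentials expire after `DurationSeconds`, and each call to `assume_role` needs a fresh MFA code because a TOTP code is accepted only once.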
