I'm in a new role and learning about boto3. I am familiar with some AWS concepts, such as how to deploy EC2 instances and set up groups, but I'm still learning about IAM roles. My goal in my current project is to automate EC2 deployments to our dev account. My first hurdle is understanding how to connect to the dev account in boto3. My intent with this script is to list the objects I have in my S3 bucket.
import boto3
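# Prompt for the current one-time code from the MFA device. Surrounding
# whitespace is stripped so a pasted code is sent to STS exactly as displayed.
mfa_TOTP = input("Enter the MFA code: ").strip()

# NOTE(review): the traceback on this page shows the STS endpoint being built
# as "sts.us-east-1a.amazonaws.com". "us-east-1a" looks like an Availability
# Zone name rather than a region name, so the region configured for boto3
# (AWS config file or AWS_DEFAULT_REGION) presumably needs to be a region such
# as "us-east-1" -- confirm against the local configuration.
client = boto3.client('sts')

# Exchange the caller's own credentials plus the MFA code for temporary
# credentials scoped to the role. The session name is recorded with the
# assumed-role identity, and DurationSeconds bounds how long the temporary
# credentials remain valid (one hour here).
response = client.assume_role(
    RoleArn='arn:aws:iam::[BLANKED_OUT]:role/IAM_user',
    RoleSessionName='mysession',
    DurationSeconds=3600,
    SerialNumber='arn:aws:iam::[BLANKED_OUT]:mfa/user1',
    TokenCode=mfa_TOTP,
)

# assume_role returns a plain dict, not a session object; the temporary keys
# live under "Credentials". Treat them as secrets: keep them in memory only
# and never print or log them.
credentials = response['Credentials']
session = boto3.Session(
    aws_access_key_id=credentials['AccessKeyId'],
    aws_secret_access_key=credentials['SecretAccessKey'],
    aws_session_token=credentials['SessionToken'],
)

# Every client/resource created from this session acts as the assumed role.
s3 = session.resource('s3')
bucket = s3.Bucket('bucket1')

# The Bucket resource exposes its contents through the `objects` collection.
for obj in bucket.objects.all():
    print(obj.key)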
When I do this I get a few errors:
Traceback (most recent call last):
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connection.py", line 169, in _new_conn
conn = connection.create_connection(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3utilconnection.py", line 73, in create_connection
for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
File "C:Users[user]AppDataLocalProgramsPythonPython39libsocket.py", line 953, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno 11001] getaddrinfo failed
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocorehttpsession.py", line 254, in send
urllib_response = conn.urlopen(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3util
etry.py", line 506, in increment
raise six.reraise(type(error), error, _stacktrace)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3packagessix.py", line 735, in reraise
raise value
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connectionpool.py", line 382, in _make_request
self._validate_conn(conn)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connectionpool.py", line 1010, in _validate_conn
conn.connect()
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connection.py", line 353, in connect
conn = self._new_conn()
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesurllib3-1.26.2-py3.9.eggurllib3connection.py", line 181, in _new_conn
raise NewConnectionError(
urllib3.exceptions.NewConnectionError: <botocore.awsrequest.AWSHTTPSConnection object at 0x0000022C379A8C40>: Failed to establish a new connection: [Errno 11001] getaddrinfo failed
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:linux_scratchs3_query.py", line 8, in <module>
response = client.assume_role(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreclient.py", line 357, in _api_call
return self._make_api_call(operation_name, kwargs)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreclient.py", line 662, in _make_api_call
http, parsed_response = self._make_request(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreclient.py", line 682, in _make_request
return self._endpoint.make_request(operation_model, request_dict)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreendpoint.py", line 102, in make_request
return self._send_request(request_dict, operation_model)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreendpoint.py", line 136, in _send_request
while self._needs_retry(attempts, operation_model, request_dict,
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreendpoint.py", line 253, in _needs_retry
responses = self._event_emitter.emit(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocorehooks.py", line 356, in emit
return self._emitter.emit(aliased_event_name, **kwargs)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocorehooks.py", line 228, in emit
return self._emit(event_name, kwargs)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocorehooks.py", line 211, in _emit
response = handler(**kwargs)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocore
etryhandler.py", line 183, in __call__
if self._checker(attempts, response, caught_exception):
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocore
etryhandler.py", line 250, in __call__
should_retry = self._should_retry(attempt_number, response,
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocore
etryhandler.py", line 277, in _should_retry
return self._checker(attempt_number, response, caught_exception)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocore
etryhandler.py", line 316, in __call__
checker_response = checker(attempt_number, response,
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocore
etryhandler.py", line 222, in __call__
return self._check_caught_exception(
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocore
etryhandler.py", line 359, in _check_caught_exception
raise caught_exception
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreendpoint.py", line 200, in _do_get_response
http_response = self._send(request)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocoreendpoint.py", line 269, in _send
return self.http_session.send(request)
File "C:Users[user]AppDataLocalProgramsPythonPython39libsite-packagesotocore-1.19.46-py3.9.eggotocorehttpsession.py", line 283, in send
raise EndpointConnectionError(endpoint_url=request.url, error=e)
botocore.exceptions.EndpointConnectionError: Could not connect to the endpoint URL: "https://sts.us-east-1a.amazonaws.com/"
Any help to better understand this error and how to proceed would be very helpful.
question from:
https://stackoverflow.com/questions/65646692/how-is-one-supposed-to-pass-an-mfa-token-to-work-with-boto3-clients