通过ansible访问AWS时遇到403禁止错误
[英]Getting a 403 forbidden error on accessing AWS through ansible
问题描述
have been given access key and secret key through IAM. 
已通过IAM获得访问密钥和秘密密钥。 But restricted to open IAM through my AWS console. 但仅限于通过我的AWS控制台打开IAM。
After setting the environment variables for access key and secret key, region. 在为访问密钥和秘密密钥设置区域的环境变量之后。
executed ./ec2.py --list which gives 403 forbidden error. 执行./ec2.py --list,它会给出403禁止的错误。 What will be the problem? 有什么问题吗?
And i have seen my policy. 而且我已经看到了我的政策。 the policy structure of my IAM is 我的IAM的政策结构是
Statements :
Effect:allow
Resource:ec2:*
Sorry I cannot copy my policy structure. 抱歉,我无法复制我的政策结构。 And i run behind a proxy. 我在代理后面跑。 I don't think so proxy may be a drawback because am getting response. 我不认为代理服务器可能是一个缺点,因为得到响应。
The AWS console can be connected only by having a remote desktop gateway and a server. 只有拥有远程桌面网关和服务器才能连接AWS控制台。 Will this may be a problem. 请问这可能是个问题。 But I have my access id and secret id. 但是我有我的访问ID和秘密ID。
2 个解决方案
解决方案1
1 2015-08-20 16:06:33
It sounds like you either do not have your environment set up correctly, or have the incorrect permissions to list metadata about your EC2 instances. 听起来您要么没有正确设置环境,要么没有正确的权限来列出有关EC2实例的元数据。 If it's the former, you need to export your AWS_ACCESS and AWS_SECRET, eg: 如果是前者,则需要导出AWS_ACCESS和AWS_SECRET,例如:
export AWS_SECRET_ACCESS_KEY=your-aws-secret-key
export AWS_ACCESS_KEY_ID=your-aws-access-key
If you are referring to permissions on the remote host for making calls to EC2 then you can do this by creating IAM roles which delegate various rights to instances that belong to the role. 如果要引用远程主机上的权限来调用EC2,则可以通过创建IAM 角色 (将各种权限委派给属于该角色的实例)来实现。
解决方案2
-2 已采纳 2015-08-30 05:50:57
错误是角色分配和公司代理。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.