[英]How to retrieve mfa_serial from config file in boto3?
In my ~/.aws/config file I have:在我的 ~/.aws/config 文件中我有:
[dev]
region = us-east-1
output = json
mfa_serial = arn:aws:iam::1111:mfa/user
How do I retrieve that mfa_serial from the config in boto3 so I don't have to specify the arn in the py script?如何从 boto3 的配置中检索 mfa_serial,这样我就不必在 py 脚本中指定 arn?
sts = session.client('sts')
mfa_code = input("Enter the MFA code: ")
mfa_session = sts.get_session_token(
DurationSeconds=3600,
SerialNumber=mfa_serial,
TokenCode=mfa_code
)
You can get the mfa_serial defined in the current config file using botocore.session.get_scoped_config您可以使用 botocore.session.get_scoped_config 获取当前配置文件中定义的 mfa_serial
from botocore.session import Session
Session().get_scoped_config().get('mfa_serial')
If you're okay getting username input you can get the MFA arn programmatically using list_mfa_devices
.如果您可以输入用户名,则可以使用
list_mfa_devices
以编程方式获取 MFA arn。
This snippet requests the User's IAM name and then retrieves the MFA information.此代码段请求用户的 IAM 名称,然后检索 MFA 信息。
import boto3
iam = session.client('iam')
user = input("Username: ")
response = iam.list_mfa_devices(UserName=user)['MFADevices']
mfa = next(iter(response))['SerialNumber']
print(mfa)
The output will be this format:输出将是这种格式:
arn:aws:iam::123456789123:mfa/amandahugginkiss
arn:aws:iam::123456789123:mfa/amandahugginkiss
References参考
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.list_mfa_devices https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html#IAM.Client.list_mfa_devices
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.