not able to access AWS credentials when I execute python CGI script in browser.
dynamodb = boto3.resource('dynamodb') By using above line in python file, I can able to get credentials from ~/.aws folder and execute it in CONSOLE.
But when I execute same code in Web-Browser, I am getting error (credentials are missing)
I tried setting environment variables and tried using config and credentials files. But didn't work.
dynamodb = boto3.resource('dynamodb')
ERRORRRR!!!!
raise NoCredentialsError
NoCredentialsError: Unable to locate credentials
The ~
in ~/.aws
represents the home directory of the current user. When the script is executed from the console that works, because you are the current user. When the script is executed via CGI the current user is some other account on your system, so ~
points to a different home directory where there is no credentials file.
If you are running this on an EC2 server, I would suggest switching to an IAM instance profile instead of a credentials file. Otherwise you will need to look into placing the credentials file under the correct user account home directory, or setting the credentials as environment variables to the CGI process.
Based on Mark B answer I managed to solve a similar problem, I tried to for weeks..
My python script is running flawlessly locally from IDEL on windows server
However, when it called by web client ( java script) got the error
botocore.exceptions.NoCredentialsError: Unable to locate credentials
The problem was exactly as Mark pointed related to home directory, when the script run locally, for example in windows, it is C:\\Users\\USER_NAME so it can find the credentials in the default location C:\\Users\\USER_NAME\\.aws\\credentials as the documentation states , however when it is run using CGI the home directory is different
So to fix that:
1 - Know what your home directory (During run-time)
from pathlib import Path
place these line before trying to access AWS service
home = str(Path.home())
print('Home %s'%home)
copy the full home path
2- Go to that directory and place a copy of .aws directory inside it.
3- Give the permission to read files inside .aws
For IIS server
cd {full_home_path} + \.aws //Remove {} and +
icacls . /grant "NT AUTHORITY\IUSR:(OI)(CI)(R)"
icacls . /grant "Builtin\IIS_IUSRS:(OI)(CI)(R)"
4- Reboot the server
5- Try python script from web client
6- It should work.
Typically, environments such as CGI run as the root
user. However, this varies based upon how the service is configured.
You have several options:
root
, the home directory for root is /root
. Create the directory /root/.aws
. Then copy the contents of directory ~/.aws
to /root/.aws
. You will need to su
to have the privileges./AWS
. Copy your credentials to this directory. Now in your code specify the path to the credentials file /AWS/credentials
.aws_access_key
and aws secret_access_key
in your program. This is not recommended as anytime you put your credentials in your program you open security risks.This AWS document explains in detail how credentials are managed. Take the time to read it from top to bottom.
I also recommend switching from using boto3 resource
to boto3 client
. This will give you many more options in your code.
Example: Specify your credentials via hard coded credentials (not recommended):
import boto3
session = boto3.Session(
# Hard coded strings as credentials, not recommended.
aws_access_key_id='AKIAIO5FODNN7EXAMPLE',
aws_secret_access_key='ABCDEF+c2L7yXeGvUyrPgYsDnWRRC1AYEXAMPLE',
)
dynamodb = boto3.resource('dynamodb')
You can store your AWS credentials in any file format that you want and then read that file back to load the AWS access keys into your code.
I tried Amazon Translate with Google Colab and it's completely working fine.
Install boto3 client in cloud IDE
pip install boto3
Import client and it's configuration
import boto3
from botocore.config import Config
Call Amazon Translate Service
translate = boto3.client(service_name='translate', region_name='us-east-2', use_ssl=True,aws_access_key_id = 'YOUR ACCESS KEY ID',aws_secret_access_key='YOUR ACCESS KEY' )
result = translate.translate_text(Text="YOUR TEXT TO TRANSLATE", SourceLanguageCode="en", TargetLanguageCode="ta")
You can access the result in JSON format
print(result)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.