[英]unable to loacte credentials while make a connection with DB using boto3
我想連接到我的數據庫並想檢索數據。 我目前正在使用 AWS amazon linux2 實例。 我用boto3連接。
def db_conn():
secret_id = 'XXXXXXXXXXXXXXXX'
try:
client = boto3.client('secretsmanager',region_name="ap-southeast-2")
get_secret_value_response = client.get_secret_value(SecretId=secret_id)
except Exception as e:
raise e
else:
if 'SecretString' in get_secret_value_response:
Secret_Json = json.loads(get_secret_value_response['SecretString'])
if Secret_Json is None:
print("secret string is null")
exit()
driver = 'postgresql+psycopg2://'
db_user = Secret_Json['username']
db_pw = Secret_Json['password']
db_address_port_db = Secret_Json['host'] + \
':' + \
str(Secret_Json['port']) + \
'/' + \
Secret_Json['dbInstanceIdentifier']
application.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
application.config['SQLALCHEMY_DATABASE_URI'] = driver + db_user + ':' + db_pw + '@' + db_address_port_db
db = SQLAlchemy(application)
return db
我遇到一個錯誤,提示找不到憑據
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python3.7/site-packages/botocore/client.py", line 316, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/usr/local/lib/python3.7/site-packages/botocore/client.py", line 622, in _make_api_call
operation_model, request_dict, request_context)
File "/usr/local/lib/python3.7/site-packages/botocore/client.py", line 641, in _make_request
return self._endpoint.make_request(operation_model, request_dict)
File "/usr/local/lib/python3.7/site-packages/botocore/endpoint.py", line 102, in make_request
return self._send_request(request_dict, operation_model)
File "/usr/local/lib/python3.7/site-packages/botocore/endpoint.py", line 132, in _send_request
request = self.create_request(request_dict, operation_model)
File "/usr/local/lib/python3.7/site-packages/botocore/endpoint.py", line 116, in create_request
operation_name=operation_model.name)
File "/usr/local/lib/python3.7/site-packages/botocore/hooks.py", line 356, in emit
return self._emitter.emit(aliased_event_name, **kwargs)
File "/usr/local/lib/python3.7/site-packages/botocore/hooks.py", line 228, in emit
return self._emit(event_name, kwargs)
File "/usr/local/lib/python3.7/site-packages/botocore/hooks.py", line 211, in _emit
response = handler(**kwargs)
File "/usr/local/lib/python3.7/site-packages/botocore/signers.py", line 90, in handler
return self.sign(operation_name, request)
File "/usr/local/lib/python3.7/site-packages/botocore/signers.py", line 160, in sign
auth.add_auth(request)
File "/usr/local/lib/python3.7/site-packages/botocore/auth.py", line 357, in add_auth
raise NoCredentialsError
botocore.exceptions.NoCredentialsError: Unable to locate credentials
請幫我做些什么來解決這個問題?
您必須為您的實例分配一個具有所需權限的IAM 角色:
Boto3 將使用該角色的權限來訪問您的資源,例如Secrets Manager 。
例如,該角色可以包括從Secrets Manager
讀取的內聯策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "secretsmanager:GetSecretValue",
"Resource": "<arn-of-your-sercert>"
}
]
}
如果您使用 KMS 加密您的密鑰,則可能還需要 KMS 權限。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.