2

I want to connect to S3 using an ARN, but I am not sure how I can make the connection.

I am looking for code something like:

ARN = boto3.client('s3', 'arn:aws:iam::****:role/***')

Is there any way that I can make a connection using an ARN?

Marcin
Py1996
  • You want to assume the role `arn:aws:iam::****:role/***` and then access S3? – Marcin Feb 16 '22 at 11:04
  • Yes, I want to access S3 assuming this role. Is it possible to access S3 without access and secret keys? Sorry if my question is confusing, I am pretty new to Python @Marcin – Py1996 Feb 16 '22 at 11:13
  • Where does the Python run? On an EC2 instance, Lambda function, ECS container, or maybe your local computer at home/work? – Marcin Feb 16 '22 at 11:17
  • It runs on ECS @Marcin – Py1996 Feb 16 '22 at 11:21

1 Answer

2

> it runs on ECS

If so, then you do not have to explicitly assume the role in your application. Instead, you should use (it's a good practice) an IAM Role for Task. Thus, if you can change `arn:aws:iam::****:role/***` into a task role, boto3 will automatically assume it and you don't have to do anything in your Python code.

But if you still need to assume some role in your ECS task, then your IAM Role for Task should have the `sts:AssumeRole` permission to actually be able to assume `arn:aws:iam::****:role/***`. But the first option is the better choice if you can use it.

Marcin
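The two options from the answer above, as an added example that is not part of the original answer: option 1 lets boto3 pick up the task role's credentials by itself, option 2 uses the task role to call STS and assume a second role. The role ARN is a constructed placeholder, and the function names and the session name are assumptions made for this sketch.

```python
import os

# Constructed placeholder; substitute the role ARN from your own account.
ROLE_ARN = "arn:aws:iam::111122223333:role/example-s3-access"

def has_task_role(env=os.environ):
    """True when ECS injected task-role credentials into the container."""
    return any(k in env for k in ("AWS_CONTAINER_CREDENTIALS_RELATIVE_URI",
                                  "AWS_CONTAINER_CREDENTIALS_FULL_URI"))

def task_role_policy(role_arn):
    """Policy the task role needs before it may assume role_arn (option 2)."""
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow",
                           "Action": "sts:AssumeRole",
                           "Resource": role_arn}]}  # one role, not "*"

def assumed_role_kwargs(sts, role_arn, session_name="ecs-task-s3"):
    """Exchange the task role's identity for temporary keys of role_arn."""
    resp = sts.assume_role(RoleArn=role_arn,
                           RoleSessionName=session_name,
                           DurationSeconds=900)  # shortest lifetime STS allows
    cred = resp["Credentials"]
    return {"aws_access_key_id": cred["AccessKeyId"],
            "aws_secret_access_key": cred["SecretAccessKey"],
            "aws_session_token": cred["SessionToken"]}

def s3_client(role_arn=None):
    """Option 1 (role_arn is None): use the task role. Option 2: assume role_arn."""
    import boto3  # imported here so the helpers above run without the SDK
    if role_arn is None:
        return boto3.client("s3")  # default credential chain finds the task role
    return boto3.client("s3", **assumed_role_kwargs(boto3.client("sts"), role_arn))

if __name__ == "__main__":
    if not has_task_role():
        raise SystemExit("no ECS task-role credentials found in this environment")
    s3 = s3_client()  # or s3_client(ROLE_ARN) for option 2
    print([b["Name"] for b in s3.list_buckets()["Buckets"]])
```

With option 2 the client holds fixed temporary keys that expire after 900 seconds and are not refreshed, so a long-running task has to call `s3_client(ROLE_ARN)` again; with option 1 boto3 refreshes the task-role credentials itself.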