我试图为boto3执行Assume_Role,但我有下一个错误:
Traceback (most recent call last):
File "ststest.py", line 7, in <module>
DurationSeconds=990
File "/Users/Randal/Desktop/TFG/Venv27/lib/python2.7/site-packages/botocore/client.py", line 269, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Users/Randal/Desktop/TFG/Venv27/lib/python2.7/site-packages/botocore/client.py", line 323, in _make_api_call
raise ClientError(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the AssumeRole operation: Not authorized to perform sts:AssumeRole
我正在使用python的下一个代码:
import boto3
client = boto3.client('sts')
response = client.assume_role(
RoleArn='arn:aws:iam::533680604961:role/Barney',
RoleSessionName='auth',
Policy='{"Version": "2012-10-17", "Statement": [{"Effect": "Allow","Action": "s3:*","Resource": "*"}]}',
DurationSeconds=990
)
我的凭据包含用户“Barney”的API和密钥,此属于该用户具有下一个权限:
-AdministratorAccess:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}
-CreateSTSPolicy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "sts:AssumeRole",
"Resource": "arn:aws:iam::533680604961:role/AdminAccess"
}
]
}
有人可以帮助我吗?