我正在尝试在我的应用程序中添加MFA(多因素身份验证),我将在其中将对象存储在AWS S3存储桶中。我浏览了AWS文档,但是在以C#编程方式向AWS发送任何请求时,找不到能够传递MFA tokedn的任何内容。
这是我没有MFA的工作代码段,
var awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
_client = new AmazonS3Client(awsCredentials, Amazon.RegionEndpoint.USEast1);
var putRequest = new PutObjectRequest
{
BucketName = ConfigurationManager.AppSettings["S3BucketName"],
Key = fileName,
FilePath = localFilePath,
ContentType = "image/" + Path.GetExtension(fileName),
CannedACL = S3CannedACL.PublicRead
};
var req = JsonConvert.SerializeObject(putRequest);
我希望在上述代码中添加MFA身份验证令牌。
答案 0 :(得分:0)
MFA令牌中的TOTP不会直接随请求传递。
相反,您首先调用安全令牌服务(STS),在此您实质上将“当前”凭据和MFA信息“交换”为一组用于验证后续请求的临时凭据。
根据MFA保护的场景,用户将调用支持MFA参数
p1 = LOAD 'poems/input/Poem1.txt' USING TextLoader AS(line:Chararray); p2 = LOAD 'poems/input/Poem2.txt' USING TextLoader AS(line:Chararray); p3 = LOAD 'poems/input/Poem3.txt' USING TextLoader AS(line:Chararray); p4 = LOAD 'poems/input/Poem4.txt' USING TextLoader AS(line:Chararray); p5 = LOAD 'poems/input/Poem5.txt' USING TextLoader AS(line:Chararray); p6 = LOAD 'poems/input/Poem6.txt' USING TextLoader AS(line:Chararray); p = UNION p1, p2, p3, p4, p5, p6; words = foreach p generate flatten(TOKENIZE(line , ' ,;:!?\t\n\r\f\\.\\-')) as word; words_lower = foreach words generate LOWER(word) as word_lower; words_unique = group words_lower by word_lower; words_with_size = foreach words_unique generate SIZE(words_lower) as size, group; words_with_size_concat = CONCAT words_with_count BY (CHARARRAY)size(words_lower) DESC, group;或AssumeRole的AWS STS API操作之一,如稍后所述。作为呼叫的一部分,用户包括与该用户关联的设备的设备标识符。用户还包括设备生成的基于时间的一次性密码(TOTP)。在这两种情况下,用户都将获取临时安全凭证,然后该凭证可用于向AWS提出其他请求。https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html