Arguments in boto3 AWS client

0 votes

 I'm passing the required credentials for my library to connect to arbitrary AWS-IoT accounts. Now, when I instantiate my AWS client:

client = boto3.client('iot',
                      aws_access_key_id=ACCESS_KEY,
                      aws_secret_access_key=SECRET_KEY,...)

Credentials passed in this way should override all other credentials(acc boto3 docs).

boto3 docs excerpt:

The order in which Boto3 searches for credentials is:

 1. Passing credentials as parameters in the boto.client() method
 2. Passing credentials as parameters when creating a Session object
 3. Environment variables
 4. Shared credential file (~/.aws/credentials)
 5. AWS config file (~/.aws/config)
 6. Assume Role provider
 7. Boto2 config file (/etc/boto.cfg and ~/.boto)
 8. Instance metadata service on an Amazon EC2 instance that has an IAM role configured.

However, I get the following log message from Boto3 as generated by this call:

 "Found credentials in shared credentials file: ~/.aws/credentials"

really don't want boto3 picking-up whatever credentials a user may have happened to have configured on their system - I want it to use just the ones I'm passing to boto3.client(). 

Any ideas on how to ensure this?

Thanks!

Feb 11 in IoT (Internet of Things) by Upasana
• 8,530 points
483 views

1 answer to this question.

0 votes

As long as you're explicitly providing credential parameters, you should be protected from calls executed on the wrong account.

When passing aws_access_key_id & aws_secret_access_key parameters, the boto3.client(..)accepts them despite their inaccuracies and does not load any other credentials from the file and returns a NoCredentialsError exception when an API call is sent.

However, when the parameters above are not passed i.e.boto3.client('iot') AND a default profile exist in the system, we get a "Found credentials in shared credentials file: ~/.aws/credentials".

answered Feb 11 by Shubham
• 13,300 points

Related Questions In IoT (Internet of Things)

0 votes
1 answer

Faster communication between two ESP8266 in client-server setup

Try following. Server loop void loop() { // ...READ MORE

answered Jul 13, 2018 in IoT (Internet of Things) by anonymous2
• 4,260 points
1,458 views
0 votes
1 answer

AWS IoT login from android MQTT client using IAM is not working

Seeing your comments and questions. I had ...READ MORE

answered Jul 24, 2018 in IoT (Internet of Things) by anonymous2
• 4,260 points
404 views
0 votes
1 answer

Changing message format in KURA MQTT cloud client

The Eclipse Kura communicates with a MQTT ...READ MORE

answered Jul 29, 2018 in IoT (Internet of Things) by DataKing99
• 8,130 points
176 views
0 votes
1 answer

Deploy Docker Containers from Docker Cloud

To solve this problem, I followed advice ...READ MORE

answered Sep 3, 2018 in AWS by Priyaj
• 56,900 points
217 views
0 votes
1 answer
0 votes
1 answer

How to detect presence of a device in a WiFi network?

Finding the mac-address would probably work. Basically, ...READ MORE

answered Nov 16, 2018 in IoT (Internet of Things) by Shubham
• 13,300 points
128 views
0 votes
1 answer

Detecting when a sensor is not sending data to Orion CB in FiWARE

Orion in itself has no such mechanism ...READ MORE

answered Nov 21, 2018 in IoT (Internet of Things) by Shubham
• 13,300 points
34 views