AWS : Python SDK, Do I need to configure Access key and Secure access key

Question

I am trying to write an application in Python.

Through this application I want to create AWS Cognito users and provide services like user Sign-in, Forgot password, etc.

As I understand, boto3, is the standard Python library for accessing AWS APIs, from Python.

https://boto3.amazonaws.com/v1/documentation/api/latest/guide/quickstart.html

This library needs storing of AWS credentials ( Access key and secure access keys) on the host machine.

Can this be avoided?

I want to distribute this Python application to my users.

I am checking, if I can avoid this configuration of AWS credentials on every user's host.

Is there any alternative option to boto3 library?

Answer 1

If you absolutely need to access internal AWS API's you need to log in to AWS. Access keys is one way, it's also possible to use aws-adfs command line tool to log in though active directory, but that requires your AWS/AD administrators to do some additional setup on their side.

I would suggest looking into writing a client-server / web applications that would be hosted within AWS and only expose relevant functionality to authenticated users.

If costs are an issue for a hosted application, look into lambdas, as there you pay only for cpu/memory time. In case of setting management app it will probably not even exceed free tier.