Reputation: 2386
I'm in an ECS Task and want to use certain AWS services. I have attached the appropriate role to the task and the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
is visible. When I query it manually and setup the credentials as environment variables (id, key, token, region) I can work with the AWS API.
I assumed that boto3 is able to handle authentication transparently? But when I do the following
client = boto3.client('ecs')
I get an error that the region is required. And when I add the region via env the request fails because the token is invalid.
What am I missing?
Upvotes: 0
Views: 1071
Reputation: 2386
Okay I got it to work. Instead of boto3.client('ecs')
I have to create a session first and then use it to get the client:
import boto3
session = boto3.session.Session()
print(session.get_credentials().get_frozen_credentials())
ecs_client = session.client("ecs")
Like that the script will work running within an ECS task.
Upvotes: 4