trallnag
trallnag

Reputation: 2386

Boto3 ignores AWS_CONTAINER_CREDENTIALS_RELATIVE_URI

I'm in an ECS Task and want to use certain AWS services. I have attached the appropriate role to the task and the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is visible. When I query it manually and setup the credentials as environment variables (id, key, token, region) I can work with the AWS API.

I assumed that boto3 is able to handle authentication transparently? But when I do the following

client = boto3.client('ecs')

I get an error that the region is required. And when I add the region via env the request fails because the token is invalid.

What am I missing?

Upvotes: 0

Views: 1071

Answers (1)

trallnag
trallnag

Reputation: 2386

Okay I got it to work. Instead of boto3.client('ecs') I have to create a session first and then use it to get the client:

import boto3
session = boto3.session.Session()
print(session.get_credentials().get_frozen_credentials())
ecs_client = session.client("ecs")

Like that the script will work running within an ECS task.

Upvotes: 4

Related Questions