import boto3
import hvac
session = boto3.Session()
credentials = session.get_credentials()
print("access_key",credentials.access_key)
print("secret_key",credentials.secret_key)
print("token",credentials.token)
client = hvac.Client(url='https://vault.xxxxxxx/ui/vault/secrets/secret/show/appname/snowflake')
res=client.auth.aws.iam_login(credentials.access_key, credentials.secret_key, credentials.token)
我正试图使用上面的代码对保险库进行身份验证,我可以获得accesskey、secret key和token,但当我尝试使用此方法进行身份验证时client.auth.aws.iam_login出现以下错误
类型错误:"响应"对象不可下标
下面是堆叠式
TypeError Traceback (most recent call last)
Input In [272], in <cell line: 10>()
8 print("token",credentials.token)
9 client = hvac.Client(url='https://xxxxxxxx/ui/vault')
---> 10 res=client.auth.aws.iam_login(credentials.access_key, credentials.secret_key, credentials.token)
File ~Anaconda3libsite-packageshvacapiauth_methodsaws.py:766, in Aws.iam_login(self, access_key, secret_key, session_token, header_value, role, use_token, region, mount_point)
757 headers = json.dumps({k: [request.headers[k]] for k in request.headers})
758 params = {
759 "iam_http_request_method": request.method,
760 "iam_request_url": b64encode(request.url.encode("utf-8")).decode("utf-8"),
(...)
763 "role": role,
764 }
--> 766 return self._adapter.login(
767 url=api_path,
768 use_token=use_token,
769 json=params,
770 )
File ~Anaconda3libsite-packageshvacadapters.py:199, in Adapter.login(self, url, use_token, **kwargs)
196 response = self.post(url, **kwargs)
198 if use_token:
--> 199 self.token = self.get_login_token(response)
201 return response
File ~Anaconda3libsite-packageshvacadapters.py:344, in JSONAdapter.get_login_token(self, response)
336 def get_login_token(self, response):
337 """Extracts the client token from a login response.
338
339 :param response: The response object returned by the login method.
(...)
342 :rtype: str
343 """
--> 344 return response["auth"]["client_token"]
TypeError: 'Response' object is not subscriptable
如果没有vault设置,很难再现错误,如果没有完整的堆栈跟踪,也很难诊断。。。
潜在的暖通空调问题
- 以下是带有示例的文档。看起来有些示例声明了不带参数
hvac.Client()的类,而另一些则声明了带有url和令牌hvac.Client(url=url, token=token)的类
潜在的boto3问题
TypeError:"Response"对象在Python 中不可下标
由于get_credentials()返回一个类,您可能需要使用res.json()解析响应,然后才能访问属性
祝你好运!
编辑
查看完整的堆栈跟踪,它看起来像是你的adaptor.post没有返回和预期的响应
return self._adapter.post(
url=api_auth,
json=params,
)
试着运行configure方法并显示结果,这应该会告诉你更多的
类似于:
res=client.auth.aws.configure(credentials.access_key, credentials.secret_key, credentials.token)