Refreshing Python Credentials Using Boto3 Now Fails
This used to work flawlessly — now something is broken
One of my stories on Ubuntu, the AWS CLI, and Boto3
Free Content on Jobs in Cybersecurity | Sign up for the Email List
This is one of the most frustrating things about working on cloud instances — from any cloud provider — or any shared system. Things change randomly and break for no reason.
I just wrote about another issue with this tool that worked perfectly on many occasions. Now it does not.
Someone contacted me on LinkedIn to let me know a while back but I did not have time to look into it. Well, now I am being forced to revisit it.
When I run this script I get credentials and use them to run commands. I know my permissions are set up properly because I use a role profile. The role profile is working with the AWS CLI. It’s not working in Boto3.
I’m not sure if this is a case of the code picking up an incorrect library somewhere like this last post:
What else could it be since it used to work?
And by the way, if all these core libraries are getting cross on AWS EC2 (an Ubuntu instance in this case) that could also lead to security problems.
I hope AWS and the maintainers of Ubuntu AMIs (if this is specific to Ubuntu, not sure) will make sure the defaults for Boto3 are pointing to the right places on install. And all the other AWS SDKs. QA people should be testing that.
Update: Found this interesting post on how python finds packages. This is hopefully the solution and a very intersting read:
As it turns out the refresh not working was a red herring. The actual issue was some sort of mixed up library references I haven’t had time to fully investigate, but I was able to force a solution. See these posts:
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2023
The best way to support this blog is to sign up for the email list and clap for stories you like. That also helps me determine what stories people like and what to write about more often. Other ways to follow and support are listed below. Thank you!
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
Author: Cybersecurity for Executives in the Age of Cloud
Presentations: Presentations by Teri Radichel
Recognition: SANS Difference Makers Award, AWS Security Hero, IANS Faculty
Certifications: SANS
Education: BA Business, Master of Software Engineering, Master of Infosec
Company: Cloud Penetration Tests, Assessments, Training ~ 2nd Sight LabLike this story? Use the options below to help me write more!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Clap
❤️ Referrals
❤️ Medium: Teri Radichel
❤️ Email List: Teri Radichel
❤️ Twitter: @teriradichel
❤️ Mastodon: @[email protected]
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
❤️ Buy a Book: Teri Radichel on Amazon
❤️ Request a penetration test, assessment, or training
via LinkedIn: Teri Radichel
❤️ Schedule a consulting call with me through IANS Research