I am having a question regarding the DataAccessRoleArn setting in boto3 start_transcription_job function
Here is my code below:
transcribe.start_transcription_job(TranscriptionJobName=transcriptname,
Media = {"MediaFileUri": s3_url},
MediaFormat = file_type,
OutputBucketName = outputbucket,
Settings={
'ShowSpeakerLabels':True,
'MaxSpeakerLabels':2
},
JobExecutionSettings ={
'AllowDeferredExecution':True,
'DataAccessRoleArn':'arn:aws:iam::358110801253:role/service-role/transcribe-role-k5easa7b'
},
LanguageCode = language)
If I comment out JobExecutionSettings portion, it works perfectly. But I want to turn on the AllowDeferredExecution so that I have to assign a DataAccessRoleArn. The role I assign here have full access to lambda and S3, but I am still receiving an Error like below:
[ERROR] ClientError: An error occurred (AccessDeniedException) when calling the StartTranscriptionJob operation: User: arn:aws:sts::358110801253:assumed-role/transcribe-role-k5easa7b/transcribe is not authorized to perform: iam:PassRole on resource: arn:aws:iam::358110801253:role/service-role/transcribe-role-k5easa7b
Traceback (most recent call last):
File "/var/task/lambda_function.py", line 43, in lambda_handler
transcribe.start_transcription_job(TranscriptionJobName=transcriptname,
File "/var/runtime/botocore/client.py", line 316, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/var/runtime/botocore/client.py", line 626, in _make_api_call
raise error_class(parsed_response, operation_name)END RequestId: 88e3bb78-60c1-42e5-a2e1-717918b6f7b9
Related
I am facing an issue where my SSO expired earlier when I tried to create a session programmatically using boto3 but NOT my awscli.
python version: 3.8.12
boto3 version: 1.21.46
awscli version: aws-cli/2.4.27 Python/3.8.8 Darwin/21.6.0 exe/x86_64 prompt/off
Sample boto3 code (boto3-test.py)
import boto3
session = boto3.Session(profile_name='RoleA')
sts = session.client('sts')
print(sts.get_caller_identity())
Steps to reproduce:
aws sso login --profile RoleA
aws sts get-caller-identity --profile RoleA (SUCCESS)
python boto3-test.py. (SUCCESS)
WAIT AFTER 1 HOUR ......
aws sts get-caller-identity --profile RoleA (SUCCESS)
python boto3-test.py (FAIL)
I have check ~/.aws/sso/cache and ~/.aws/cli/cache the expiresAt and Expiration in both cache file is still valid. I am expecting boto3 to discover the token cache the same way as the awscli, but it seems not. Any clue why both are not in sync ?
Error from boto3-test.py
Traceback (most recent call last):
File "/Users/tester/venv/lib/python3.8/site-packages/botocore/credentials.py", line 2056, in _get_credentials
response = client.get_role_credentials(**kwargs)
File "/Users/tester/venv/lib/python3.8/site-packages/botocore/client.py", line 415, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Users/tester/venv/lib/python3.8/site-packages/botocore/client.py", line 745, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.UnauthorizedException: An error occurred (UnauthorizedException) when calling the GetRoleCredentials operation: Session token no
t found or invalid
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/client.py", line 415, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/client.py", line 731, in _make_api_call
http, parsed_response = self._make_request(
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/client.py", line 751, in _make_request
return self._endpoint.make_request(operation_model, request_dict)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/endpoint.py", line 107, in make_request
return self._send_request(request_dict, operation_model)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/endpoint.py", line 180, in _send_request
request = self.create_request(request_dict, operation_model)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/endpoint.py", line 120, in create_request
self._event_emitter.emit(event_name, request=request,
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/hooks.py", line 358, in emit
return self._emitter.emit(aliased_event_name, **kwargs)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/hooks.py", line 229, in emit
return self._emit(event_name, kwargs)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/hooks.py", line 212, in _emit
response = handler(**kwargs)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/signers.py", line 95, in handler
return self.sign(operation_name, request)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/signers.py", line 159, in sign
auth = self.get_auth_instance(**kwargs)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/signers.py", line 239, in get_auth_instance
frozen_credentials = self._credentials.get_frozen_credentials()
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/credentials.py", line 632, in get_frozen_credentials
self._refresh()
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/credentials.py", line 527, in _refresh
self._protected_refresh(is_mandatory=is_mandatory_refresh)
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/credentials.py", line 543, in _protected_refresh
metadata = self._refresh_using()
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/credentials.py", line 684, in fetch_credentials
return self._get_cached_credentials()
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/credentials.py", line 694, in _get_cached_credentials
response = self._get_credentials()
File "/Users/tesster/venv/lib/python3.8/site-packages/botocore/credentials.py", line 2058, in _get_credentials
raise UnauthorizedSSOTokenError()
botocore.exceptions.UnauthorizedSSOTokenError: The SSO session associated with this profile has expired or is otherwise invalid. To refresh this SSO session run aws sso login with the corresponding profile.
To all, not sure what the issue is, but I resolve it by removing ~/.aws/sso and ~/.aws/cli entirely and letting it recreate again. I have also upgraded boto3 to version 1.24.90.
Things just work by themselves after that.
I am trying to create snapshots with Boto3.
snapshot_response = client.create_snapshots(
Description='super important backup',
InstanceSpecification={
'InstanceId': 'i-something',
'ExcludeBootVolume': True,
'ExcludeDataVolumeIds': ['vol-something1','vol-something2'],
},
CopyTagsFromSource='volume'
)
But if fails with this error.
[ERROR] ParamValidationError: Parameter validation failed:
Unknown parameter in InstanceSpecification: \"ExcludeDataVolumeIds\", must be one of: InstanceId, ExcludeBootVolume
Traceback (most recent call last):
File \"/something/some_dir/some_script.py\", line 50, in some_function
snapshot_response = client.create_snapshots(
File \"/var/runtime/botocore/client.py\", line 391, in _api_call
return self._make_api_call(operation_name, kwargs)
File \"/var/runtime/botocore/client.py\", line 691, in _make_api_call
request_dict = self._convert_to_request_dict(
File \"/var/runtime/botocore/client.py\", line 739, in _convert_to_request_dict
request_dict = self._serializer.serialize_to_request(
File \"/var/runtime/botocore/validate.py\", line 360, in serialize_to_request
raise ParamValidationError(report=report.generate_report())END
Has anyone got this sorted?
I am trying to deploy simple django application from zappa (https://romandc.com/zappa-django-guide/) I am getting the following error. Is there any permission issue or some other issue with the dev setup?
Traceback (most recent call last):
File "e:\personal\envs\py3\lib\site-packages\zappa\cli.py", line 753, in deploy
function_name=self.lambda_name)
File "e:\personal\envs\py3\lib\site-packages\zappa\core.py", line 1286, in get_lambda_function
FunctionName=function_name)
File "e:\personal\envs\py3\lib\site-packages\botocore\client.py", line 314, in _api_call
return self._make_api_call(operation_name, kwargs)
File "e:\personal\envs\py3\lib\site-packages\botocore\client.py", line 612, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.ResourceNotFoundException: An error occurred (ResourceNotFoundException) when calling the GetFunction operation: Function not found: arn:aws:lambda:ap-south-1:122866061462:function:frankie-dev
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "e:\personal\envs\py3\lib\site-packages\zappa\cli.py", line 2778, in handle
sys.exit(cli.handle())
File "e:\personal\envs\py3\lib\site-packages\zappa\cli.py", line 512, in handle
self.dispatch_command(self.command, stage)
File "e:\personal\envs\py3\lib\site-packages\zappa\cli.py", line 549, in dispatch_command
self.deploy(self.vargs['zip'])
File "e:\personal\envs\py3\lib\site-packages\zappa\cli.py", line 786, in deploy
self.lambda_arn = self.zappa.create_lambda_function(**kwargs)
File "e:\personal\envs\py3\lib\site-packages\zappa\core.py", line 1069, in create_lambda_function
response = self.lambda_client.create_function(**kwargs)
File "e:\personal\envs\py3\lib\site-packages\botocore\client.py", line 314, in _api_call
return self._make_api_call(operation_name, kwargs)
File "e:\personal\envs\py3\lib\site-packages\botocore\client.py", line 586, in _make_api_call
api_params, operation_model, context=request_context)
File "e:\personal\envs\py3\lib\site-packages\botocore\client.py", line 641, in _convert_to_request_dict
api_params, operation_model)
File "e:\personal\envs\py3\lib\site-packages\botocore\validate.py", line 291, in serialize_to_request
raise ParamValidationError(report=report.generate_report())
botocore.exceptions.ParamValidationError: Parameter validation failed:
Unknown parameter in input: "Layers", must be one of: FunctionName, Runtime, Role, Handler, Code, Description, Timeout, MemorySize, Publish, VpcConfig, DeadLetterConfig, Environment, KMSKeyArn, TracingConfig, Tags
I had the exact same error trying to deploy a Flask app using Zappa and then realized that I was using an old botocore package version. I changed all the package versions in my requirements.txt file to the ones on zappa's github page and it fixed the issue for me!
for bucket in boto3.resource('s3').buckets.all():
print(bucket.name)
Traceback (most recent call last):
File "<input>", line 1, in <module>
File "C:\Users\icode\PycharmProjects\AWS\venv\lib\site-packages\boto3\resources\collection.py", line 83, in __iter__
for page in self.pages():
File "C:\Users\icode\PycharmProjects\AWS\venv\lib\site-packages\boto3\resources\collection.py", line 161, in pages
pages = [getattr(client, self._py_operation_name)(**params)]
File "C:\Users\icode\PycharmProjects\AWS\venv\lib\site-packages\botocore\client.py", line 357, in _api_call
return self._make_api_call(operation_name, kwargs)
File "C:\Users\icode\PycharmProjects\AWS\venv\lib\site-packages\botocore\client.py", line 661, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (NotSignedUp) when calling the ListBuckets operation: Your account is not signed up for the S3 service. You must sign up before you can use S3.```
You've not signed up for S3. You'll need to visit the AWS Console first, sign up, and wait for the activation email. See the documentation for more details.
take a look at your error message, on the last line it says your are not signed up
botocore.exceptions.ClientError: An error occurred (NotSignedUp) when calling the ListBuckets operation:
Your account is not signed up for the S3 service. You must sign up before you can use S3.```
what you need to do is:
from s3 documentation
Below is the simple code snippet, which I'm trying to run, it gives exception.
I've configured AWS on my local and I'm able to describe the same stack in the AWS Opsworks UI. Can someone help here, with what could be the reason:
import boto3
client=boto3.client('opsworks')
response=client.describe_stack_summary(
StackId="6efce529-0b77-43dc-981b-ff20b906c4ae"
)
print(response)
Stacktrace for error:
Traceback (most recent call last):
File "botoTest.py", line 9, in <module>
StackId="6efce529-0b77-43dc-981b-ff20b906c4ae"
File
"/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-
packages/botocore/client.py", line 320, in _api_call
return self._make_api_call(operation_name, kwargs)
File
"/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-
packages/botocore/client.py", line 623, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.ResourceNotFoundException: An error occurred
(ResourceNotFoundException) when calling the DescribeStackSummary
operation: Unable to find stack with ID 6efce529-0b77-43dc-981b-
ff20b906c4ae