I am using AWS MFA and when MFA is not enabled, I cannot access S3. I am getting the following error:
{'error': {'status': 400, 'reason': 'Bad Request', 'message': 's3://xxxx/xxxx.gpkg does not exist or is not accessible.', 'code': 'COMMON_BAD_PAYLOAD'}}
I’m trying to use temporary security credentials obtained through AWS’s get-session-token
, and including AWS_SESSION_TOKEN
in the request payload like this:
def prepare_batch_sta_request_payload(
evalscript: str,
input_s3_path: str,
output_s3_path: str,
timerange_from: str,
timerange_to: str,
):
access_key = os.environ["AWS_ACCESS_KEY_ID"]
secret_access_key = os.environ["AWS_SECRET_ACCESS_KEY"]
session_token = os.environ["AWS_SESSION_TOKEN"]
request_payload = {
"input": {
"features": {
"s3": {
"url": input_s3_path,
"accessKey": access_key,
"secretAccessKey": secret_access_key,
"sessionToken": session_token,
}
},
"data": [
{
"type": "sentinel-2-l2a",
"dataFilter": {
"timeRange": {
"from": timerange_from,
"to": timerange_to,
},
"mosaickingOrder": "leastCC",
"maxCloudCoverage": 100,
},
}
],
},
"aggregation": {
"timeRange": {"from": timerange_from, "to": timerange_to},
"aggregationInterval": {"of": "P1D"},
"evalscript": evalscript,
"resx": 10,
"resy": 10,
},
"output": {
"s3": {
"url": output_s3_path,
"accessKey": access_key,
"secretAccessKey": secret_access_key,
"sessionToken": session_token,
}
},
}
return request_payload
Is it possible to execute the above by including AWS_SESSION_TOKEN
in the request payload using the temporary authentication information obtained by get-session-token
?