amazon-iam

I'm wondering if PySpark supports S3 access using IAM roles. Specifically, I have a business constraint where I have to assume an AWS role in order to access a given bucket. This is fine when using boto (as it's part of the API), but I can't find a definitive answer as to if PySpark supports this out of the box. Ideally, I'd like to be able to assume a role when running in standalone mode locally and point my SparkContext to that s3 path. I've seen that non-IAM calls usually follow : spark_conf = SparkConf().setMaster('local[*]').setAppName('MyApp') sc = SparkContext(conf=spark_conf) rdd = sc

I want to call an AWS API Gateway Endpoint that is protected with AWS_IAM using the generated JavaScript API SDK . I have a Cognito UserPool and a Cognito Identity Pool . Both properly synced via ClientId . I use this code to Sign in and get the Cognito Identity AWS.config.region = 'us-east-1'; // Region AWS.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: 'us-east-1:XXXXXXXXXXXXXXXXXXXXXXXX' // your identity pool id here }); AWSCognito.config.region = 'us-east-1'; AWSCognito.config.credentials = new AWS.CognitoIdentityCredentials({ IdentityPoolId: 'us-east-1

I need to fetch all the aws user's, their corresponding groups, policies and then if mfa is activated for them or not. Can anyone tell me how it can be done via aws cli or boto. I have a script that fetches out just the all user's in aws. import boto3 from boto3 import * import argparse access_key = '' secret_key = '' def get_iam_uses_list(): client = boto3.client('iam', aws_access_key_id=access_key, aws_secret_access_key=secret_key) my_list=list() iam_all_users = client.list_users(MaxItems=200) for user in iam_all_users['Users']: my_list.append(user['UserName']) # for i in my_list: print i #

This page https://www.terraform.io/docs/providers/aws/r/iam_role.html mentions: NOTE: This assume_role_policy is very similar but slightly different than just a standard IAM policy and cannot use an aws_iam_policy resource. It can however, use an aws_iam_policy_document data source, see example below for how this could work. Is there any reason why the assume_role_policy is different from the standard IAM policy ? Any why? An assume role policy is a special policy associated with a role that controls which principals (users, other roles, AWS services, etc) can "assume" the role. Assuming a

I am getting an error when calling to assume role method of STS. It says that the user is not authorized to perform sts:AsumeRole on resource xxx . I did the following: I created a role to access to S3 bucket. I ran a test over policy simulator and works fine I created a new group, and in it, i created a new policy that enables all sts actions, over all resources. I ran a test with the policy simulator, to sts assume role, pointing to the ARN of role created at step one; and it works fine I created a new user, and put it in group created at step 3 With the credentials of the new user, i try to