在S3 AWS Bucket上启用MFA删除 [英] Enable MFA Delete on S3 AWS Bucket

问题描述

我

我想在AWS S3存储桶上启用"MFA删除".官方文档(请参见 http://docs.aws.amazon. com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete )

I want to enable "MFA delete" on AWS S3 bucket. The official doc (cf http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete)

我不知道MFA的序列号"是什么?

I don't know what is the "serial number" for the MFA ?

似乎很难编写python代码来生成正确的带符号的标头.您对我有什么建议吗? (例如，现有的python脚本！:p)

it seems quite hard to write a python code to generate the right signed headers. Do you have any advice for me ? (an existing python script for example ! :p)

官方代码段:

PUT /?versioning HTTPS/1.1 
Host: BucketName .s3.amazonaws.com 
Date: Date 
Authorization: Signature 
Content-Type: ContentType 
Content-Length: Length-of-Content 
x-amz-mfa: [SerialNumber] [AuthenticationCode] 

<VersioningConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> 
<Status> Enabled </Status> 
<MfaDelete> Enabled </MfaDelete> 
</VersioningConfiguration> 

推荐答案

如果它是虚拟MFA，则只需提供虚拟MFA设备的ARN作为序列号即可.验证码是设备上显示的当前代码.您可以从IAM仪表板或通过执行CLI获取ARN:

If it is virtual MFA, then just give the ARN of the virtual MFA device as the serial number. The authentication code is the current code shown on the device. You can get the ARN from IAM dashboard or by executing the CLI:

$ aws iam list-mfa-devices
{
    "MFADevices": [
        {
            "UserName": "obama",
            "SerialNumber": "arn:aws:iam::1234827366789:mfa/obama",
            "EnableDate": "2015-09-16T18:47:44Z"
        }
    ]
}

如果您需要python示例: mfa_delete

If you need a python example: mfa_delete

这篇关于在S3 AWS Bucket上启用MFA删除的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！