How to connect EC2 using pysftp via AWS Lambda without .pem file or alternate to .pem file
Problem description
I want to connect to EC2 using the pysftp library via AWS Lambda. I use the code below to connect.
mysftp = pysftp.Connection(
    host=Constants.MY_HOST_NAME,
    username=Constants.MY_EC2_INSTANCE_USERNAME,
    private_key="./clientiot.pem",
    cnopts=cnopts,
)
I have put the .pem file along with the deployment package in AWS Lambda. See this image:
Sometimes it works, sometimes not; for example, sometimes it says the .pem file was not found.
"[Errno 2] No such file or directory: './clientiot.pem'"
How do I deal with it? Is there any way to access the .pem file, or the data of the .pem file, securely?
I don't want the .pem in AWS Lambda.
Recommended answer
If you use Paramiko directly (pysftp is just a thin wrapper around Paramiko), you can hard-code the key into your code and you won't have trouble with external resources:
SSH/SCP through Paramiko with key in string
For referring to files in your Lambda task, see:
AWS Lambda read contents of file in zip uploaded as source code
So this should work:
private_key = os.environ['LAMBDA_TASK_ROOT'] + "/clientiot.pem"
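The two suggestions in the answer above (a key held in a string, and a path built from LAMBDA_TASK_ROOT), combined in an added example that is not code from the original post. The environment variable name SFTP_PRIVATE_KEY, the packaged known_hosts file and the RSA key type are assumptions.

```python
import io
import os

KEY_ENV_VAR = "SFTP_PRIVATE_KEY"  # hypothetical variable name (assumption)
KEY_FILE = "clientiot.pem"        # file name used in the question


def packaged_path(name):
    """Absolute path of a file shipped in the deployment package.

    './clientiot.pem' is resolved against the current working directory;
    LAMBDA_TASK_ROOT is the directory that holds the function code.
    """
    root = os.environ.get("LAMBDA_TASK_ROOT") or os.path.dirname(os.path.abspath(__file__))
    return os.path.join(root, name)


def load_key_text():
    """Return the PEM text: from the environment if set, else from the package."""
    text = os.environ.get(KEY_ENV_VAR)
    if not text:
        with open(packaged_path(KEY_FILE), encoding="ascii") as fh:
            text = fh.read()
    # Values stored in environment variables often carry a literal "\n".
    text = text.replace("\\n", "\n").strip() + "\n"
    lines = text.splitlines()
    if not (lines[0].startswith("-----BEGIN ") and lines[-1].startswith("-----END ")):
        raise ValueError("value is not a PEM-encoded private key")
    return text


def open_sftp(host, username, known_hosts="known_hosts"):
    """Open an SFTP session with the key held in memory (RSA key assumed)."""
    import paramiko  # imported here so the helpers above need only the stdlib

    pkey = paramiko.RSAKey.from_private_key(io.StringIO(load_key_text()))
    client = paramiko.SSHClient()
    # The default policy rejects unknown hosts, so the server key is pinned
    # from a known_hosts file shipped in the package (assumed file name).
    client.load_host_keys(packaged_path(known_hosts))
    client.connect(host, username=username, pkey=pkey,
                   look_for_keys=False, allow_agent=False)
    return client, client.open_sftp()
```

With the variable set, no key file has to be in the deployment package; without it, the packaged file is read from a path that does not depend on the working directory.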