I'm deploying CSR 1000v on an EC2 instance in AWS.
This is my python code for authentication in order to use RESTCONF which is already enabled in the router.
import requests
import pprint
from aws_requests_auth.aws_auth import AWSRequestsAuth
def get_json(interface):
authaws = AWSRequestsAuth(aws_access_key='AWS_ACCESS_KEY',
aws_secret_access_key='AWS_SECRET_ACCESS_KEY',
aws_host='ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com',
aws_region='us-west-2',
aws_service='compute')
source = 'https://ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com/restconf/data/'
module = 'ietf-interfaces:'
container = 'interfaces'
leaf = '/interface=' + interface
options = ''
url = source + module + container + leaf + options
headers = {'Content-type': 'application/yang-data+json', 'Accept': 'application/yang-data+json'}
r = requests.get(url, auth=authaws, headers=headers, verify=False)
return r.json()
if __name__ == '__main__':
interface = 'GigabitEthernet1'
pprint.pprint(get_json(interface))
Here what I got after execution.
server@zsz:~/shared_files$ python get_one_interface.py
/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
{u'errors': {u'error': [{u'error-tag': u'access-denied',
u'error-type': u'protocol'}]}}
Obviously, the authentication cannot be done.
For aws_access_key and aws_secret_access_key, I got it from IAM console. I even generated new ones, but still does not work.
I have managed to find the solution.
In the router:
Then, it worked! Thanks to anyone who tried to help :)