I'm working on a script that is supposed to download a file from my s3 bucket and then make some changes on it. The problem is that my script runs well when executed as root but does not when executed with the dedicated user.
Here is the piece of code we are interested in :
s3 = boto3.client('s3', aws_access_key_id='xxx', aws_secret_access_key='xxx')
s3.download_file('my-bucket', 'my_file.csv', '/my/path/to/file.csv')
When I run the script as root, no problem, the file is downloaded and the script continues, but executed with my dedicated user :
logstash:x:501:501::/home/logstash:/sbin/nologin, it doesn't work.
I tried running Python interpreter as root and as logstash and executed the script command by command, it works as root but not as logstash. Here is the error :
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python2.7/site-packages/boto3/s3/inject.py", line 126, in download_file
extra_args=ExtraArgs, callback=Callback)
File "/usr/local/lib/python2.7/site-packages/boto3/s3/transfer.py", line 299, in download_file
future.result()
File "/usr/local/lib/python2.7/site-packages/s3transfer/futures.py", line 73, in result
return self._coordinator.result()
File "/usr/local/lib/python2.7/site-packages/s3transfer/futures.py", line 233, in result
raise self._exception
botocore.exceptions.ClientError: An error occurred (400) when calling the HeadObject operation: Bad Request
I searched a lot on google but there is no topic about this special 'user switch' case.
I'm first :)
Are the permissions for the user
logstashset correctly for the directory you are downloading into?Did you by any chance miss the
-Rinchown -R logstash?