问题
I,
I want to enable "MFA delete" on AWS S3 bucket. The official doc (cf http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete)
I don't know what is the "serial number" for the MFA ?
it seems quite hard to write a python code to generate the right signed headers. Do you have any advice for me ? (an existing python script for example ! :p)
The official code snippet :
PUT /?versioning HTTPS/1.1
Host: BucketName .s3.amazonaws.com
Date: Date
Authorization: Signature
Content-Type: ContentType
Content-Length: Length-of-Content
x-amz-mfa: [SerialNumber] [AuthenticationCode]
<VersioningConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<Status> Enabled </Status>
<MfaDelete> Enabled </MfaDelete>
</VersioningConfiguration>
回答1:
If it is virtual MFA, then just give the ARN of the virtual MFA device as the serial number. The authentication code is the current code shown on the device. You can get the ARN from IAM dashboard or by executing the CLI:
$ aws iam list-mfa-devices
{
"MFADevices": [
{
"UserName": "obama",
"SerialNumber": "arn:aws:iam::1234827366789:mfa/obama",
"EnableDate": "2015-09-16T18:47:44Z"
}
]
}
If you need a python example: mfa_delete
来源:https://stackoverflow.com/questions/37395408/enable-mfa-delete-on-s3-aws-bucket