-1

我在 AWS 的 EC2 实例上部署 CSR 1000v。

这是我用于身份验证的 python 代码,以便使用已在路由器中启用的RESTCONF 。

import requests
import pprint
from aws_requests_auth.aws_auth import AWSRequestsAuth 

def get_json(interface):

    authaws = AWSRequestsAuth(aws_access_key='AWS_ACCESS_KEY',
                       aws_secret_access_key='AWS_SECRET_ACCESS_KEY',
                       aws_host='ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com',
                       aws_region='us-west-2',
                       aws_service='compute')

    source = 'https://ec2-xx-xx-xx-xx.us-west-2.compute.amazonaws.com/restconf/data/'
    module = 'ietf-interfaces:'
    container = 'interfaces'
    leaf = '/interface=' + interface
    options = ''

    url = source + module + container + leaf + options
    headers = {'Content-type': 'application/yang-data+json', 'Accept': 'application/yang-data+json'}

    r = requests.get(url, auth=authaws, headers=headers, verify=False)

    return r.json()

if __name__ == '__main__':

    interface = 'GigabitEthernet1'

    pprint.pprint(get_json(interface))

这是我执行后得到的。

server@zsz:~/shared_files$ python get_one_interface.py 
/usr/local/lib/python2.7/dist-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
{u'errors': {u'error': [{u'error-tag': u'access-denied',
                         u'error-type': u'protocol'}]}}

显然,无法进行身份验证。对于aws_access_keyand aws_secret_access_key,我是从 IAM 控制台获得的。我什至生成了新的,但仍然无法正常工作。

4

1 回答 1

-1

我设法找到了解决方案。

在路由器中:

(config)#user any-user-name privilege 15 secret supersecretpassword

然后,它奏效了!感谢任何试图提供帮助的人:)

于 2019-01-31T08:27:19.783 回答