Ceph » rgw

the user yly have permission to call get_session_token

import boto3
import botocore
botocore.session.Session().set_debug_logger()
access_key = 'yly'
secret_key = 'yly'
config_dict = { 'signature_version' : 's3', 'connect_timeout': 30000, 'read_timeout': 30000}
configuration = boto3.session.Config(**config_dict)

client = boto3.client('sts',
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
endpoint_url='http://127.0.0.1:8000',
region_name='',
use_ssl = False,
config = configuration,
)

response = client.get_session_token(DurationSeconds=3600)
print response['Credentials']['AccessKeyId']
print response['Credentials']['SecretAccessKey']
print response['Credentials']['SessionToken']
ak = response['Credentials']['AccessKeyId']
sk = response['Credentials']['SecretAccessKey']
token = response['Credentials']['SessionToken']
s3_session = boto3.Session(
aws_access_key_id=ak,
aws_secret_access_key=sk,
aws_session_token=token)

config = boto3.session.Config(connect_timeout=3000000, read_timeout=3000000, retries={'max_attempts': 0}, signature_version="s3")
configv4 = boto3.session.Config(connect_timeout=3000000, read_timeout=3000000, retries={'max_attempts': 0}, signature_version="s3v4")
#s3_client = s3_session.client('s3', endpoint_url="http://127.0.0.1:8000", config = configv4)
s3_client = s3_session.client('s3', endpoint_url="http://127.0.0.1:8000", config = config)
bucket="test2"
object="index.html"

#we create presigned url with sts ak sk token
get_obj_url = s3_client.generate_presigned_url(
ClientMethod = 'get_object',
Params = {'Bucket' : bucket, 'Key' : object},
ExpiresIn = 3600,
HttpMethod = 'GET')

import requests
response = requests.get(get_obj_url)
print response

it is failed when use v2 presigned url to download but success use v4 presigned url download the object