def store_mfa(user, seed, region, account):
SSM_CLIENT = boto3.client('ssm')
KMS_CLIENT = boto3.client('kms')
response = KMS_CLIENT.describe_key(
KeyId='alias/MFAUser',
)
keyArn = response['KeyMetadata']['Arn']
try:
response = SSM_CLIENT.put_parameter(
Name='mfa-' + user,
Description='MFA token seed',
Value=seed,
Type='SecureString',
KeyId=keyArn,
Overwrite=True
)
mfa_store_policy(user, region, account)
print("Token stored in Parameter Store")
except Exception as e:
print("Failed to store seed. You will need to retrieve it from the used log DDB or create a new token manually.")
response = "Fail"
return response
评论列表
文章目录
