当尝试在github中运行文件conn\u Kinesis\u test.py时，Kinesis客户端库（KCL）返回此错误

boto.exception.JSONResponseError: JSONResponseError: 400 Bad Request
{u'Message': u'User: user:arn is not authorized to perform: kinesis:CreateStream on resource: resource:arn', u'__type': u'AccessDeniedException'}

因此，我知道我的用户没有访问此资源的权限，我尝试从终端使用aws-cli：

aws kinesis list-streams --region eu-west-1 --profile prof

它返回：

{
    "StreamNames": [
        "test_stream"
    ]
}

然后，我知道我需要在python代码中复制这种行为。 代码是：

from boto import kinesis
conn = kinesis.connect_to_region(region_name = region)
    #conn=boto.connect_kinesis()
    try:
        status = get_stream_status(conn, stream_name)
        if 'DELETING' == status:
            print('The stream: {s} is being deleted, please rerun the script.'.format(s=stream_name))
            sys.exit(1)
        elif 'ACTIVE' != status:
            wait_for_stream(conn, stream_name)
    except:
        # We'll assume the stream didn't exist so we will try to create it with just one shard
        conn.create_stream(stream_name, 1)
        wait_for_stream(conn, stream_name)

我搜索了如何使用boto 2设置IAM\u角色，但什么都不清楚。他们说的是STS方法，但它不起作用。我试图复制from boto.s3.connection import S3Connection的行为，然后用IAM_ROLE值设置一个全局变量，但都不起作用

可行吗