Created
October 24, 2019 16:44
-
-
Save coingraham/f22b5002c4ffe4f0cd3245fa0d9e32f0 to your computer and use it in GitHub Desktop.
Python Boto3 Assume Role
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| import sys | |
| assume_role = sys.argv[1] | |
| # create an STS client object that represents a live connection to the | |
| # STS service | |
| sts_client = boto3.client('sts') | |
| # Call the assume_role method of the STSConnection object and pass the role | |
| # ARN and a role session name. | |
| assumed_role_object=sts_client.assume_role( | |
| RoleArn='assume_role' | |
| ) | |
| # From the response that contains the assumed role, get the temporary | |
| # credentials that can be used to make subsequent API calls | |
| credentials=assumed_role_object['Credentials'] | |
| # Use the temporary credentials that AssumeRole returns to make a | |
| # connection to Amazon S3 | |
| glue_client=boto3.client( | |
| 'glue', | |
| aws_access_key_id=credentials['AccessKeyId'], | |
| aws_secret_access_key=credentials['SecretAccessKey'], | |
| aws_session_token=credentials['SessionToken'], | |
| ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment