These are python 2 and 3 snippets showing how to generate headers to authenticate with HashiCorp's Vault using the AWS authentication method. There's also a Ruby implementation which uses version 3 of the AWS SDK for Ruby.
The python scripts look for credentials in the
default boto3 locations;
if you need to supply custom credentials (such as from an AssumeRole
call), you would use the
botocore.session.set_credentials
method before calling create_client
.
The ruby script looks for credentials from the default SDK locations.
Thanks to @copumpkin for much of the original python 2 implementation (provided privately) on which this was based.
Thanks to @stark525 for starting the python 3 port, on which the python 3 implementation is based.
@joelthompson
I am trying to use the headers generated by the python3 script in an AWS lambda function but I always get a 400 response. Not sure whats wrong here. Would appreciate any help if someone has achieved this already.