本文整理汇总了Python中boto3.Session.assume_role方法的典型用法代码示例。如果您正苦于以下问题:Python Session.assume_role方法的具体用法?Python Session.assume_role怎么用?Python Session.assume_role使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类boto3.Session的用法示例。
在下文中一共展示了Session.assume_role方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_temp_creds
# 需要导入模块: from boto3 import Session [as 别名]
# 或者: from boto3.Session import assume_role [as 别名]
def get_temp_creds(profile, token):
"""Use STS to retrieve temporary credentials for <profile>"""
from boto3 import Session #Late import because importing boto3 is slow
config = get_boto_config()[profile]
hub_client = Session(profile_name=config['source_profile']).client('sts')
response = hub_client.assume_role(
RoleArn = config['role_arn'],
RoleSessionName = 'alfed-aws-{}@{}'.format(str(uuid.uuid4())[:8], profile),
DurationSeconds = 3600,
SerialNumber = config['mfa_serial'],
TokenCode = token,
)
temp_creds = response['Credentials']
return {
'access_key': temp_creds['AccessKeyId'],
'secret_key': temp_creds['SecretAccessKey'],
'session_token': temp_creds['SessionToken'],
#Python's datetime lib is dumb and doesn't know how to turn timezone-aware datetimes
#into epoch timestamps. Since the datetime boto returns and the datetime returned
#by datetime.utcfromtimestamp() are both in UTC, this is safe.
'expires': (temp_creds['Expiration'].replace(tzinfo=None) - datetime.utcfromtimestamp(0)).total_seconds(),
}