def get_session(role_arn=None, sts_client=None):
"""
Created a session for the specified role
:param role_arn: Role arn
:param sts_client: Optional sts client, if not specified a (cache) sts client instance is used
:return: Session for the specified role
"""
if role_arn is not None:
sts = sts_client if sts_client is not None else boto3.client("sts")
account = AwsService.account_from_role_arn(role_arn)
token = sts.assume_role(RoleArn=role_arn, RoleSessionName="{}-{}".format(account, str(uuid.uuid4())))
credentials = token["Credentials"]
return boto3.Session(aws_access_key_id=credentials["AccessKeyId"],
aws_secret_access_key=credentials["SecretAccessKey"],
aws_session_token=credentials["SessionToken"])
else:
return boto3.Session()
评论列表
文章目录
