def check_sts_token(self, profile):
""" Verifies that STS credentials are valid """
# Don't check for creds if profile is blank
if not profile:
return False
parser = RawConfigParser()
parser.read(self.creds_file)
if not os.path.exists(self.creds_dir):
if self.verbose:
print("AWS credentials path does not exit. Not checking.")
return False
elif not os.path.isfile(self.creds_file):
if self.verbose:
print("AWS credentials file does not exist. Not checking.")
return False
elif not parser.has_section(profile):
if self.verbose:
print("No existing credentials found. Requesting new credentials.")
return False
session = boto3.Session(profile_name=profile)
sts = session.client('sts')
try:
sts.get_caller_identity()
except ClientError as ex:
if ex.response['Error']['Code'] == 'ExpiredToken':
print("Temporary credentials have expired. Requesting new credentials.")
return False
if self.verbose:
print("STS credentials are valid. Nothing to do.")
return True
评论列表
文章目录
