NEW: python aws assume role

2023-03-29 14:07:45 +08:00 · 2023-03-29 14:07:45 +08:00 · 020fc42895
commit 020fc42895
parent f0f88dc4d6
1 changed files with 15 additions and 0 deletions
--- a/py/aws-assume-role.py
+++ b/py/aws-assume-role.py
@ -0,0 +1,15 @@
+import json
+import boto3
+import base64
+
+def lambda_handler(event, context):
+    # TODO implement
+    sts_client = boto3.client('sts')
+    assumed_role_object=sts_client.assume_role(
+        RoleArn="arn:aws:iam::111122223333:role/SomeRole",
+        RoleSessionName="lambda-assumeRoleMs"
+    )
+    print("export AWS_ACCESS_KEY_ID=" + assumed_role_object['Credentials']['AccessKeyId'])
+    print("export AWS_SECRET_ACCESS_KEY=" + assumed_role_object['Credentials']['SecretAccessKey'])
+    print("export AWS_SESSION_TOKEN=" + assumed_role_object['Credentials']['SessionToken'])
+    print("export AWS_DEFAULT_REGION=ap-east-1")