Easily create boto3/aioboto3 assume role sessions with automatic credential refreshing.
Project description
boto3-assume
boto3-assume
has one simple goal. Easily create boto3
/aioboto3
assume role sessions with automatic credential refreshing.
Installation
Install with pip:
$ pip install boto3-assume
NOTE - It currently doesn't come with
boto3
oraioboto3
, so you need install to one or both as needed.
Tutorial
There are only 2 functions assume_role_session
and assume_role_aio_session
For boto3
:
import boto3
from boto3_assume import assume_role_session
assume_session = assume_role_session(
source_session=boto3.Session(), # You must pass in a boto3 session that automatically refreshes!
RoleArn="arn:aws:iam::123412341234:role/my_role",
RoleSessionName="my-role-session"
)
# Create clients, and their credentials will auto-refresh when expired!
sts_client = assume_session.client("sts", region_name="us-east-1")
print(sts_client.get_caller_identity())
# {
# "UserId": "EXAMPLEID",
# "Account": "123412341234",
# "Arn": "arn:aws:sts::123412341234:role/my_role",
# "ResponseMetadata": {
# "RequestId": "asdfqwfqwfasdfasdfasfsdf",
# "HTTPStatusCode": 200,
# "HTTPHeaders": {
# "server": "amazon.com",
# "date": "Tue, 27 Jun 2023 00:00:00 GMT"
# },
# "RetryAttempts": 0
# }
# }
For aioboto3
:
import asyncio
import aioboto3
from boto3_assume import assume_role_aio_session
# since this uses "Deferred" credentials you don't need to call this within a coroutine or context manager
assume_session = assume_role_session(
source_session=aioboto3.Session(), # You must pass in an aioboto3 session that automatically refreshes!
RoleArn="arn:aws:iam::123412341234:role/my_role",
RoleSessionName="my-role-session"
)
async def main():
# Create clients, and their credentials will auto-refresh when expired!
async with assume_session.client("sts", region_name="us-east-1") as sts_client:
print(await sts_client.get_caller_identity())
# {
# "UserId": "EXAMPLEID",
# "Account": "123412341234",
# "Arn": "arn:aws:sts::123412341234:role/my_role",
# "ResponseMetadata": {
# "RequestId": "asdfqwfqwfasdfasdfasfsdf",
# "HTTPStatusCode": 200,
# "HTTPHeaders": {
# "server": "amazon.com",
# "date": "Tue, 27 Jun 2023 00:00:00 GMT"
# },
# "RetryAttempts": 0
# }
# }
asyncio.run(main())
Under the hood a boto3
/aioboto3
sts client will be created and assume_role
called to get/refresh credentials.
If you want you can also specify extra kwargs for the sts client, and for the assume_role call.
NOTE: The "sts" service is already specified for the client.
RoleArn
andRoleSessionName
are used in the assume role call.
import boto3
from boto3_assume import assume_role_session
from botocore.config import Config
assume_session = assume_role_session(
source_session=boto3.Session(), # You must pass in a boto3 session that automatically refreshes!
RoleArn="arn:aws:iam::123412341234:role/my_role",
RoleSessionName="my-role-session",
sts_client_kwargs={
"region_name": "us-east-1",
"config": Config(
retries={
"total_max_attempts": 10,
"mode": "adaptive"
}
)
},
assume_role_kwargs={
"DurationSeconds": 900
}
)
Development
Install the package in editable mode with dev dependencies.
(venv) $ pip install -e .[dev,all]
nox is used to manage various dev functions. Start with
(venv) $ nox --help
pyenv is used to manage python versions. To run the nox tests for applicable python version you will first need to install them. In the root project dir run:
(venv) $ pyenv install
Changelog
Changelog for boto3-assume
.
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[0.1.2] - 2024-05-18
Removed
- `boto3` and `aioboto3` package extras. They didn't work and weren't documented correctly.
Fixed
- `datetime.datetime.utcnow()` deprecation in tests for python 3.12
[0.1.1] - 2023-06-28
Fixed
- Formatting for Changelog, README
[0.1.0] - 2023-06-28
Initial Release.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file boto3_assume-0.1.2.tar.gz
.
File metadata
- Download URL: boto3_assume-0.1.2.tar.gz
- Upload date:
- Size: 10.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.8.18
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 314cdc6e4913fa80849870b72596a2b8dd3139d56590d8c20c7e2684a65e7456 |
|
MD5 | 8e7abae80ab072fb808a3fded760ed40 |
|
BLAKE2b-256 | f6c9bb3790c1722e897a3e7683e72a01d7b3a38bfa3ea35a3b899a4c201949a4 |
File details
Details for the file boto3_assume-0.1.2-py3-none-any.whl
.
File metadata
- Download URL: boto3_assume-0.1.2-py3-none-any.whl
- Upload date:
- Size: 10.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.8.18
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | e62eb52df0eb81046565a17304a6f8d566ec03572199c9b83a4e78c1acafb307 |
|
MD5 | eee04c666bf466fa5f7397c0dff5af29 |
|
BLAKE2b-256 | 70ee8bbe0c34732cffab6ef4a8faa849fc871628663fdfd0b0f88da5df1b2b60 |