March 9, 2021 at 12:00 am
Comments posted to this topic are about the item Reading a Specific File from an S3 bucket Using Python
March 9, 2021 at 8:45 am
Depending on where your Python app resides you can get away with not using the access key/secret key. If you have an EC2 instance then you can use client.assume_role to return those values.
def assume_role(arn, session_name):
"""
Args:
arn(str): ARN Of role you wish to assume.
session_name(str): Name of the STS session.
Returns: session
"""
client = boto3.client('sts')
response = client.assume_role(RoleArn=arn, RoleSessionName=session_name)
session = Session(aws_access_key_id=response['Credentials']['AccessKeyId'],
aws_secret_access_key=response['Credentials']['SecretAccessKey'],
aws_session_token=response['Credentials']['SessionToken'])
return session
You can then do something like the following
my_session = assumer_role(Role_ARN, "funkySession")
my_s3 = my_session.resource("s3")
March 9, 2021 at 3:22 pm
Yes you are correct David. The application can assume the role to again access to the AWS instance.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy