in source/python/get_auth.py [0:0]
def get_session_with_arn(role_arn, session_name, external_id, base_session):
if not base_session:
base_session = boto3.Session()
if not session_name:
session_name = "aws_common_utils"
session_name = handle_session_name_length(session_name)
client = base_session.client("sts")
try:
response = client.assume_role(RoleArn=role_arn, RoleSessionName=session_name, ExternalId=external_id)
access_key = response["Credentials"]["AccessKeyId"]
secret = response["Credentials"]["SecretAccessKey"]
session_token = response["Credentials"]["SessionToken"]
return boto3.Session(
aws_access_key_id=access_key,
aws_secret_access_key=secret,
aws_session_token=session_token,
)
except (BotoCoreError, ClientError) as e:
logging.error(
"get_session_with_arn() failed trying to assume %s \
due to clienterror or botocore error",
role_arn,
)
logging.error(str(e))
raise e