Reading a Specific File from an S3 bucket Using Python

  • Comments posted to this topic are about the item Reading a Specific File from an S3 bucket Using Python

  • Depending on where your Python app resides you can get away with not using the access key/secret key.  If you have an EC2 instance then you can use client.assume_role to return those values.

        def assume_role(arn, session_name):
    """

    Args:
    arn(str): ARN Of role you wish to assume.
    session_name(str): Name of the STS session.
    Returns: session

    """

    client = boto3.client('sts')
    response = client.assume_role(RoleArn=arn, RoleSessionName=session_name)
    session = Session(aws_access_key_id=response['Credentials']['AccessKeyId'],
    aws_secret_access_key=response['Credentials']['SecretAccessKey'],
    aws_session_token=response['Credentials']['SessionToken'])

    return session

    You can then do something like the following

    my_session = assumer_role(Role_ARN, "funkySession")
    my_s3 = my_session.resource("s3")
  • Yes you are correct David. The application can assume the role to again access to the AWS instance.

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply