Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
async def aio_sts_assume_role(src_role_arn, dest_role_arn, dest_external_id=None):
session_name = ''.join(random.choice('0123456789ABCDEF') for i in range(16))
async with aioboto3.client('sts') as sts:
src_role = await sts.assume_role(
RoleArn=src_role_arn, RoleSessionName=session_name
)
async with aioboto3.Session(
aws_access_key_id=src_role['Credentials']['AccessKeyId'],
aws_secret_access_key=src_role['Credentials']['SecretAccessKey'],
aws_session_token=src_role['Credentials']['SessionToken'],
).client('sts') as sts_client:
sts_role = await (
sts_client.assume_role(
RoleArn=dest_role_arn,
RoleSessionName=session_name,
ExternalId=dest_external_id,
)
if dest_external_id
else sts_client.assume_role(
RoleArn=dest_role_arn, RoleSessionName=session_name
)
)
aws_secret_access_key=src_role['Credentials']['SecretAccessKey'],
aws_session_token=src_role['Credentials']['SessionToken'],
).client('sts') as sts_client:
sts_role = await (
sts_client.assume_role(
RoleArn=dest_role_arn,
RoleSessionName=session_name,
ExternalId=dest_external_id,
)
if dest_external_id
else sts_client.assume_role(
RoleArn=dest_role_arn, RoleSessionName=session_name
)
)
return aioboto3.Session(
aws_access_key_id=sts_role['Credentials']['AccessKeyId'],
aws_secret_access_key=sts_role['Credentials']['SecretAccessKey'],
aws_session_token=sts_role['Credentials']['SessionToken'],
)