我在另一个条件为的角色中
"Condition": {
"StringEquals": {
"sts:ExternalId": "12345"
}
}
我正在使用以下会话来假设它是
def assumed_role_session(role_arn):
base_session = boto3.session.Session()._session
fetcher = botocore.credentials.AssumeRoleCredentialFetcher(
client_creator = base_session.create_client,
source_credentials = base_session.get_credentials(),
role_arn = role_arn,
)
creds = botocore.credentials.DeferredRefreshableCredentials(
method = 'assume-role',
refresh_using = fetcher.fetch_credentials,
time_fetcher = lambda: datetime.datetime.now(tzlocal())
)
botocore_session = botocore.session.Session()
botocore_session._credentials = creds
return boto3.Session(botocore_session = botocore_session)
但它提出了授权问题。有人能帮忙把外部id放在哪里吗?
在boto3中,您使用assume_role来承担角色,这允许您将ExternalId指定为输入参数之一。