Fix AWS STS session detection (#49536)
If CLI has already assumed a IAM Role, then the cli environment has an additional variable: AWS_SESSION_TOKEN This needs to be forwarded to boto to successfully reuse the AWS session in boto.
This commit is contained in:
parent
a5d98d69ff
commit
9dc36fcaf0
1 changed files with 2 additions and 0 deletions
|
@ -576,6 +576,8 @@ class Ec2Inventory(object):
|
||||||
if self.boto_profile:
|
if self.boto_profile:
|
||||||
connect_args['profile_name'] = self.boto_profile
|
connect_args['profile_name'] = self.boto_profile
|
||||||
self.boto_fix_security_token_in_profile(connect_args)
|
self.boto_fix_security_token_in_profile(connect_args)
|
||||||
|
elif os.environ.get('AWS_SESSION_TOKEN'):
|
||||||
|
connect_args['security_token'] = os.environ.get('AWS_SESSION_TOKEN')
|
||||||
|
|
||||||
if self.iam_role:
|
if self.iam_role:
|
||||||
sts_conn = sts.connect_to_region(region, **connect_args)
|
sts_conn = sts.connect_to_region(region, **connect_args)
|
||||||
|
|
Loading…
Reference in a new issue