Skip to content Skip to sidebar Skip to footer
Home / Amazon S3 / Amazon Web Services / Boto3 / Python

Where Can I Find The Documentation For Writing Custom Aws Credential Provider Using Boto3?

Post a Comment
I am looking to create a python process to refresh temporary AWS credentials (valid for 30 mins) at runtime to ensure my code can run continuously for more than 30 mins. What is Re

Solution 1:

After a lot of poking around, I finally came to conclusion that the botocore and boto3 classes are not documented.

I looked at the source code and have implemented a solution that works for my use case. Posting it here for others to refer.

classAWSCredsRefresh:defrun(self):
        session = get_session()
        cred_provider = session.get_component('credential_provider')

        cred_provider.insert_before('env', CustomCredentialProvider())

        boto3_session = Session(botocore_session=session)
        #Perform AWS operations with boto3_sessionclassCustomCredentialProvider(CredentialProvider):
    CANONICAL_NAME = "custom-creds"def__init__(self):


    defload(self):
        #These creds will be automatically refreshed using the _refreh method if the current creds are going to expire in 15 mins or less
        creds = DeferredRefreshableCredentials(refresh_using=self._refresh, method="sts-assume-role",)
        return creds

    def_refresh(self):
        #Refresh your AWS creds using custom process
        response = self._custom_aws_cred_refresh()
        credentials = {
            "access_key": response.get("AccessKeyId"),
            "secret_key": response.get("SecretAccessKey"),
            "token": response.get("SessionToken"),
            "expiry_time": response.get("Expiration").isoformat(),
        }
        return credentials

    def_custom_aws_cred_refresh(self):
        #Your custom AWS cred refresh codereturn response


if __name__ == '__main__':
    obj = AWSCredsRefresh()
    obj.run()

Solution 2:

Full AWS boto3 documentation: https://boto3.amazonaws.com/v1/documentation/api/latest/index.html

Credentials documentation: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html

RefreshableCredentials is a botocore class acting like a container for credentials needed to authenticate requests, and it can automatically refresh the credentials

This is a great guide on how to use it: https://dev.to/li_chastina/auto-refresh-aws-tokens-using-iam-role-and-boto3-2cjf

You may like these posts

Post a Comment for "Where Can I Find The Documentation For Writing Custom Aws Credential Provider Using Boto3?"