~/.aws/credentials
拥有主的访问密钥ID和密钥访问密钥~/.aws/config
有role_arn
和mfa_serial
角色 roleX 。它也有source_profile = main
。我的目标是:
1)我的脚本会将aws_access_key_id
和aws_secret_access_key
以及aws_session_token
打印到~/.aws/credentials
文件,自动更新在那里找到的 roleX 个人资料
示例:
~/.aws/config
[profile roleX]
mfa_serial = arn:aws:iam::123456789012:mfa/felipe
role_arn = arn:aws:iam::987654321098:role/roleX
source_profile = main
~/.aws/credentials
[main]
aws_access_key_id = key
aws_secret_access_key = secret
后
~/.aws/credentials
[main]
aws_access_key_id = key
aws_secret_access_key = secret
[roleX]
aws_access_key_id = key
aws_secret_access_key = secret
aws_session_token = temp
答案 0 :(得分:0)
我能想到的一个快速方法:
aws_access_key_id = ""
aws_secret_access_key = ""
aws_access_key_id = ""
aws_secret_access_key = ""
aws_session_token = ""
with open('~/.aws/config','r') as file1:
lines = file1.readlines()
for line in lines:
# if line.startswith('aws_access_key_id')
# then remove the string and keep the end
# ...
with open('~/.aws/credentials','r') as file1:
lines = file1.readlines()
for line in lines:
# if line.startswith('aws_access_key_id')
# then remove the string and keep the end
# ...
with open('~/.aws/credentials', 'a') as file_out:
file_out.write("[main]")
file_out.write("aws_access_key_id = {}".format(aws_access_key_id))
file_out.write("aws_secret_access_key = {}".format(aws_secret_access_key))
file_out.write("")
file_out.write("[roleX]")
file_out.write("aws_access_key_id = {}".format(aws_access_key_id))
file_out.write("aws_secret_access_key = {}".format(aws_secret_access_key))
file_out.write("aws_session_token = {}".format(aws_session_token))