STS¶
boto.sts¶
-
boto.sts.
connect_to_region
(region_name, **kw_params)¶ Given a valid region name, return a
boto.sts.connection.STSConnection
.Type: str Parameters: region_name – The name of the region to connect to. Return type: boto.sts.connection.STSConnection
orNone
Returns: A connection to the given region, or None if an invalid region name is given
-
boto.sts.
get_region
(region_name, **kw_params)¶ Find and return a
boto.regioninfo.RegionInfo
object given a region name.Type: str Param: The name of the region. Return type: boto.regioninfo.RegionInfo
Returns: The RegionInfo object for the given region or None if an invalid region name is provided.
-
boto.sts.
regions
()¶ Get all available regions for the STS service.
Return type: list Returns: A list of boto.regioninfo.RegionInfo
instances
-
class
boto.sts.
STSConnection
(aws_access_key_id=None, aws_secret_access_key=None, is_secure=True, port=None, proxy=None, proxy_port=None, proxy_user=None, proxy_pass=None, debug=0, https_connection_factory=None, region=None, path='/', converter=None)¶ -
APIVersion
= '2011-06-15'¶
-
DefaultRegionEndpoint
= 'sts.amazonaws.com'¶
-
DefaultRegionName
= 'us-east-1'¶
-
get_federation_token
(name, duration=None, policy=None)¶ Parameters:
-
get_session_token
(duration=None, force_new=False)¶ Return a valid session token. Because retrieving new tokens from the Secure Token Service is a fairly heavyweight operation this module caches previously retrieved tokens and returns them when appropriate. Each token is cached with a key consisting of the region name of the STS endpoint concatenated with the requesting user’s access id. If there is a token in the cache meeting with this key, the session expiration is checked to make sure it is still valid and if so, the cached token is returned. Otherwise, a new session token is requested from STS and it is placed into the cache and returned.
Parameters:
-
boto.sts.credentials¶
-
class
boto.sts.credentials.
Credentials
(parent=None)¶ Variables: - access_key – The AccessKeyID.
- secret_key – The SecretAccessKey.
- session_token – The session token that must be passed with requests to use the temporary credentials
- expiration – The timestamp for when the credentials will expire
-
endElement
(name, value, connection)¶
-
classmethod
from_json
(json_doc)¶ Create and return a new Session Token based on the contents of a JSON document.
Parameters: json_doc (str) – A string containing a JSON document with a previously saved Credentials object.
-
is_expired
(time_offset_seconds=0)¶ Checks to see if the Session Token is expired or not. By default it will check to see if the Session Token is expired as of the moment the method is called. However, you can supply an optional parameter which is the number of seconds of offset into the future for the check. For example, if you supply a value of 5, this method will return a True if the Session Token will be expired 5 seconds from this moment.
Parameters: time_offset_seconds (int) – The number of seconds into the future to test the Session Token for expiration.
-
classmethod
load
(file_path)¶ Create and return a new Session Token based on the contents of a previously saved JSON-format file.
Parameters: file_path (str) – The fully qualified path to the JSON-format file containing the previously saved Session Token information.
-
save
(file_path)¶ Persist a Session Token to a file in JSON format.
Parameters: path (str) – The fully qualified path to the file where the the Session Token data should be written. Any previous data in the file will be overwritten. To help protect the credentials contained in the file, the permissions of the file will be set to readable/writable by owner only.
-
startElement
(name, attrs, connection)¶
-
to_dict
()¶ Return a Python dict containing the important information about this Session Token.
-
class
boto.sts.credentials.
FederationToken
(parent=None)¶ Variables: - credentials – A Credentials object containing the credentials.
- federated_user_arn – ARN specifying federated user using credentials.
- federated_user_id – The ID of the federated user using credentials.
- packed_policy_size – A percentage value indicating the size of the policy in packed form
-
endElement
(name, value, connection)¶
-
startElement
(name, attrs, connection)¶