Added option to set the AWS session token to the Route53Provider

2024-05-11 05:55:00 +00:00 · 2018-11-12 16:14:31 +01:00
parent 4e9cd1d975
commit dfdf81cda4
1 changed files with 11 additions and 6 deletions
--- a/octodns/provider/route53.py
+++ b/octodns/provider/route53.py
@@ -221,9 +221,12 @@ class Route53Provider(BaseProvider):
        access_key_id:
        # The AWS secret access key
        secret_access_key:
+        # The AWS session token
+        session_token:

-    Alternatively, you may leave out access_key_id and secret_access_key,
-    this will result in boto3 deciding authentication dynamically.
+    Alternatively, you may leave out access_key_id, secret_access_key
+    and session_token. 
+    This will result in boto3 deciding authentication dynamically.

    In general the account used will need full permissions on Route53.
    '''
@@ -236,10 +239,11 @@ class Route53Provider(BaseProvider):
    HEALTH_CHECK_VERSION = '0001'

    def __init__(self, id, access_key_id=None, secret_access_key=None,
-                 max_changes=1000, client_max_attempts=None, *args, **kwargs):
+                 session_token=None, max_changes=1000, 
+                 client_max_attempts=None, *args, **kwargs):
        self.max_changes = max_changes
-        _msg = 'access_key_id={}, secret_access_key=***'.format(access_key_id)
-        if access_key_id is None and secret_access_key is None:
+        _msg = 'access_key_id={}, secret_access_key=***, session_token=***'.format(access_key_id)
+        if access_key_id is None and secret_access_key is None and session_token is None:
            _msg = 'auth=fallback'
        self.log = logging.getLogger('Route53Provider[{}]'.format(id))
        self.log.debug('__init__: id=%s, %s', id, _msg)
@@ -251,11 +255,12 @@ class Route53Provider(BaseProvider):
                          client_max_attempts)
            config = Config(retries={'max_attempts': client_max_attempts})

-        if access_key_id is None and secret_access_key is None:
+        if access_key_id is None and secret_access_key is None and session_token is None:
            self._conn = client('route53', config=config)
        else:
            self._conn = client('route53', aws_access_key_id=access_key_id,
                                aws_secret_access_key=secret_access_key,
+                                aws_session_token=session_token,
                                config=config)

        self._r53_zones = None