https://pulumi.com logo
Title
m

magnificent-pillow-80370

04/19/2023, 3:25 PM
s

steep-toddler-94095

04/19/2023, 5:20 PM
m

magnificent-pillow-80370

04/20/2023, 11:50 AM
I am passing role arn as the variable in the program:
role_arn = "arn:aws:iam::123456789:role/role_name"
# Create a new AWS provider that uses the assumed role
aws_provider = Provider("custom", region="us-east-1", assume_role={"role_arn": role_arn,
                                                                   "session_name": "session_name"})
If I assume the role using sts and use it in aws provider, the code works fine. code doesn't work the way its mentioned in the example: https://github.com/pulumi/examples/blob/master/aws-py-assume-role/assume-role/__main__.py
sts_client = boto3.client("sts")

# Assume the role and get the credentials
assumed_role = sts_client.assume_role(RoleArn=role_arn,
                                      RoleSessionName="pulumi_role_session",
                                      )

# Set assumed role credentials
assumed_role_credentials = assumed_role["Credentials"]

# Create the AWS provider with temporary credentials
aws_provider = aws.Provider("temp_creds_provider",
                            access_key=assumed_role_credentials["AccessKeyId"],
                            secret_key=assumed_role_credentials["SecretAccessKey"],
                            token=assumed_role_credentials["SessionToken"],
                            region="us-east-1",
                            )