diff options
author | Stef Fen <stevie-@users.noreply.github.com> | 2018-12-06 00:53:53 +0100 |
---|---|---|
committer | Will Thames <will@thames.id.au> | 2018-12-06 09:53:53 +1000 |
commit | 9dc36fcaf011a65a006fd887e99cd7bb55e3473a (patch) | |
tree | a70ac5b5551fd5f5a5c118f0462feeeb9fbd9dbb /contrib | |
parent | a5d98d69ffa6d622d40a40fa9ce882d30864470c (diff) | |
download | ansible-9dc36fcaf011a65a006fd887e99cd7bb55e3473a.tar.gz |
Fix AWS STS session detection (#49536)
If CLI has already assumed a IAM Role, then the cli environment has an additional variable: AWS_SESSION_TOKEN
This needs to be forwarded to boto to successfully reuse the AWS session in boto.
Diffstat (limited to 'contrib')
-rwxr-xr-x | contrib/inventory/ec2.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/contrib/inventory/ec2.py b/contrib/inventory/ec2.py index 7ba6142dfe..1e9487d9bb 100755 --- a/contrib/inventory/ec2.py +++ b/contrib/inventory/ec2.py @@ -576,6 +576,8 @@ class Ec2Inventory(object): if self.boto_profile: connect_args['profile_name'] = self.boto_profile self.boto_fix_security_token_in_profile(connect_args) + elif os.environ.get('AWS_SESSION_TOKEN'): + connect_args['security_token'] = os.environ.get('AWS_SESSION_TOKEN') if self.iam_role: sts_conn = sts.connect_to_region(region, **connect_args) |