def test_save_credentials_not_default_profile(self):
""" Creates a non-default entry in empty ~/.aws/credentials """
self.profile = 'wtf'
credentials = """[wtf]
aws_access_key_id = a
aws_secret_access_key = b
aws_session_token = c
"""
session = Session()
save_credentials(session, token('a', 'b', 'c'))
self.assertAwsCredentialsEquals(credentials)
def test_save_credentials_default_profile(self):
""" Creates a default entry in non-existent ~/.aws/credentials """
self.profile = None # default
credentials = """[default]
aws_access_key_id = foo
aws_secret_access_key = bar
aws_session_token = yep
"""
session = Session()
save_credentials(session, token('foo', 'bar', 'yep'))
self.assertAwsCredentialsEquals(credentials)
def test_save_credentials_comments_not_clobbered(self):
""" Ensure comments are not clobbered in ~/.aws/credentials """
self.profile = 'foo'
credentials = self.aws_credentials
credentials += """[foo]
aws_access_key_id = a
aws_secret_access_key = b
aws_session_token = c
"""
session = Session()
save_credentials(session, token('a', 'b', 'c'))
self.assertAwsCredentialsEquals(credentials)
def save_sts_token(session: Session, client, saml: str,
role: Role) -> datetime:
token = client.assume_role_with_saml(
RoleArn=role[1],
PrincipalArn=role[0],
SAMLAssertion=saml,
)
logger.info("Retrieved temporary Amazon credentials for role: " + role[1])
return save_credentials(session, token)