SAML.to
  • Introduction
  • Installation
  • Configuration
    • Identity Providers
      • GitHub
    • Service Providers
      • AWS (Federated Roles)
        • Assuming Roles
          • AWS CLI
          • AWS SDKs
          • Docker
          • Terraform
          • Kubernetes
        • Adding Users
        • Adding AWS Accounts
        • Adding Roles
        • Roles for GitHub Actions
    • Configuration Reference
      • Substitutions
  • FAQs
  • Usage
    • CLI
      • login
      • assume
      • list-roles
    • GitHub Actions
      • Assume AWS Role Action
      • Config Sync Action
  • Advanced Usage
    • AWS
      • CloudWatch Dashboard Sharing
Powered by GitBook
On this page
  • Environment Variables
  • Named Profiles
  1. Configuration
  2. Service Providers
  3. AWS (Federated Roles)
  4. Assuming Roles

AWS SDKs

PreviousAWS CLINextDocker

Last updated 2 years ago

The AWS SDKs behave identically to the . For example you can use or a before the application is launced with the AWS SDK.

Environment Variables

myscript.py

import boto3

ec2 = boto3.client('ec2')

for i in ec2.instances.all():
    if i.state['Name'] == 'stopped':
        i.start()

Then, to invoke myscript.py with temporary credentials from SAML.to, in a Subshell ($(...))

$(saml-to assume the-role-name --headless)
python myscript.py

Named Profiles

myscript.py

import boto3

ec2 = boto3.client('ec2', profile_name='the-profile-name')

for i in ec2.instances.all():
    if i.state['Name'] == 'stopped':
        i.start()

Then, to invoke myscript.py with temporary credentials from SAML.to:

saml-to assume the-role-name --save the-profile-name
python myscript.py
AWS CLI
Environment Variables
Named Profile