STS SSM Sample
import os
import time
import boto3
from boto3.session import Session
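def lambda_handler(event, context):
    """Assume a role in another account and run a shell command through SSM.

    Calls STS AssumeRole, builds a boto3 Session from the returned temporary
    credentials, sends the AWS-RunShellScript document to one instance,
    waits a fixed ten seconds and prints the command invocations.

    Args:
        event: Lambda event payload; not read by this handler.
        context: Lambda context object; not read by this handler.

    Returns:
        None. The invocation listing is only printed.
    """
    # "<To Account Role ARN>" is a placeholder for the role in the target
    # account; that role's trust policy decides who may assume it.
    # NOTE(review): the session name is recorded with the assumed-role
    # identity in the target account's audit trail; a name that identifies
    # this function would make those records easier to attribute than "sts".
    assumed = boto3.client("sts").assume_role(
        RoleArn="<To Account Role ARN>",
        RoleSessionName="sts",
    )
    credentials = assumed["Credentials"]

    # The temporary credentials stay in memory only; they are never logged.
    session = Session(
        aws_access_key_id=credentials["AccessKeyId"],
        aws_secret_access_key=credentials["SecretAccessKey"],
        aws_session_token=credentials["SessionToken"],
        region_name=os.environ["AWS_REGION"],
    )

    # One SSM client serves both calls instead of building a second one.
    ssm = session.client("ssm")

    # AWS-RunShellScript executes arbitrary shell on the instance, so the
    # assumed role should be allowed ssm:SendCommand only for the documents
    # and instances it really needs. The instance id and the command are
    # hard-coded sample values.
    sent = ssm.send_command(
        InstanceIds=["i-38877da6"],
        DocumentName="AWS-RunShellScript",
        Parameters={
            "commands": ["ls"],
            "executionTimeout": ["60"],
        },
    )

    # Fixed wait, not a completion check: the command may still be running
    # when the listing below is fetched.
    time.sleep(10)

    # Details=True includes the command output, and anything printed here
    # lands in the function's log stream, so keep secrets out of the command
    # output or restrict who can read the logs.
    # print() with a single argument parses on Python 3 and prints the same
    # text on Python 2, unlike the original print statement.
    print(ssm.list_command_invocations(
        CommandId=sent["Command"]["CommandId"],
        Details=True,
    ))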