Menu
I need to get the account-id of the 'current user' in a boto3 script. Up to now my best solution is to parse the current user arn:
>>> import boto3 >>> account_id = boto3.resource('iam').CurrentUser().arn.split(':')[4] but I was wondering if there is a more 'lightweight' approach. In fact
>>> timeit.timeit("boto3.resource('iam').CurrentUser().arn", ... 'import boto3', number=10) 4.8895583080002325 and I actually do not need the CurrentUser resource in my script.
792
Configuring credentials There are two types of configuration data in Boto3: credentials and non-credentials. Credentials include items such as aws_access_key_id , aws_secret_access_key , and aws_session_token .
Security Token Service (STS) enables you to request temporary, limited-privilege credentials for Identity and Access Management (IAM) users or for users that you authenticate (federated users).
You can get the account ID by using the STS API:
>>> import boto3 >>> boto3.client('sts').get_caller_identity().get('Account') '012345678901' EDIT: There is now an api you can call, see mixja's answer.
First off, there is no way to get the account id straight from boto3. There is no information stored locally that can tell you that, and there is no service API that returns it outside the context of an ARN. So there is no way to get it from boto3 without inspecting an ARN.
Secondly, using timeit can be very misleading with boto3 or botocore because there is a bit of warm-up time when you create a client or resource for the first time (the service definitions are loaded on the fly).
43
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
