Merge pull request #298 from zBart/patch-2

Added option to set the AWS session token to the Route53Provider

octodns/provider/route53.py

@@ -221,9 +221,13 @@ class Route53Provider(BaseProvider):
         access_key_id:
         # The AWS secret access key
         secret_access_key:
+        # The AWS session token (optional)
+        # Only needed if using temporary security credentials
+        session_token:
 
-    Alternatively, you may leave out access_key_id and secret_access_key,
-    this will result in boto3 deciding authentication dynamically.
+    Alternatively, you may leave out access_key_id, secret_access_key
+    and session_token.
+    This will result in boto3 deciding authentication dynamically.
 
     In general the account used will need full permissions on Route53.
     '''
@@ -236,10 +240,14 @@ class Route53Provider(BaseProvider):
     HEALTH_CHECK_VERSION = '0001'
 
     def __init__(self, id, access_key_id=None, secret_access_key=None,
-                 max_changes=1000, client_max_attempts=None, *args, **kwargs):
+                 max_changes=1000, client_max_attempts=None,
+                 session_token=None, *args, **kwargs):
         self.max_changes = max_changes
-        _msg = 'access_key_id={}, secret_access_key=***'.format(access_key_id)
-        if access_key_id is None and secret_access_key is None:
+        _msg = 'access_key_id={}, secret_access_key=***, ' \
+               'session_token=***'.format(access_key_id)
+        use_fallback_auth = access_key_id is None and \
+            secret_access_key is None and session_token is None
+        if use_fallback_auth:
             _msg = 'auth=fallback'
         self.log = logging.getLogger('Route53Provider[{}]'.format(id))
         self.log.debug('__init__: id=%s, %s', id, _msg)
@@ -251,11 +259,12 @@ class Route53Provider(BaseProvider):
                           client_max_attempts)
             config = Config(retries={'max_attempts': client_max_attempts})
 
-        if access_key_id is None and secret_access_key is None:
+        if use_fallback_auth:
             self._conn = client('route53', config=config)
         else:
             self._conn = client('route53', aws_access_key_id=access_key_id,
                                 aws_secret_access_key=secret_access_key,
+                                aws_session_token=session_token,
                                 config=config)
 
         self._r53_zones = None