Example code in README does not work for non-default profiles

[teekennedy]

The example code used in the README has you create a botocore session, add a JSONFileCache to its assume-role provider, and then pass that session in when creating a boto3 session. This causes the assume-role provider object to be instantiated before the profile is set, and it is not updated when the boto3 session is created. Example (based on README):

from botocore import credentials
import botocore.session
import boto3
import os

cli_cache = os.path.join(os.path.expanduser('~'),'.aws/cli/cache')

botocore_sess = botocore.session.get_session()
provider = botocore_sess.get_component('credential_provider').get_provider('assume-role')
provider.cache = credentials.JSONFileCache(cli_cache)

# Create boto3 client from session
session = boto3.Session(botocore_session=botocore_sess, profile_name='non-default')
print(provider._profile_name) # Outputs "default"

In order to use a non-default profile, you have to delay the initialization of the AssumeRoleCredentialProvider by setting the cache after the boto3 session is created:

from botocore import credentials
import botocore.session
import boto3
import os

cli_cache = os.path.join(os.path.expanduser('~'),'.aws/cli/cache')

botocore_sess = botocore.session.get_session()

# Create boto3 client from session
session = boto3.Session(botocore_session=botocore_sess, profile_name='non-default')

provider = botocore_sess.get_component('credential_provider').get_provider('assume-role')
provider.cache = credentials.JSONFileCache(cli_cache)
print(provider._profile_name) # Outputs "non-default"

[mixja]

Best practice you should be injecting profile from your environment.

E.g. export AWS_PROFILE='non-default'

Please see this comment - boto/botocore#1338