From 6732c0a390ffddd79bac3a75df115f53ce62148e Mon Sep 17 00:00:00 2001 From: Corentin Peuvrel Date: Mon, 1 Jul 2024 07:48:47 +0000 Subject: [PATCH] Add support to add a trusted CA or allow insecure connection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add support for 'verify' to specify trusted CA or allow insecure conn… Co-authored-by: Corentin Peuvrel --- README.md | 1 + docs/index.md | 1 + src/iam_rolesanywhere_session/iam_rolesanywhere_session.py | 3 ++- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8b2ec37..3b58ab2 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,7 @@ IAMRoleAnywhereSession will take multiple arguments: | session_duration | The duration, in seconds, of the role session. The value specified can range from 900 seconds (15 minutes) up to 3600 seconds (1 hour). | int | 3600 | | service_name | An identifier for the service, used to build the botosession. | string | rolesanywhere | | endpoint | Roles Anywhere API endpoint to use | string | '{service_name}.{region_name}.amazonaws.com' | +| verify | Whether to validate SSL certificates, or the path to a trusted certificate authority | bool or str | None | | proxies | Proxy endpoint(s) for use behind private networks with a proxy. | dict | `{}` | | proxies_config | A dictionary of additional proxy configurations. | dict | `{}` | diff --git a/docs/index.md b/docs/index.md index 1b28dda..d2c2dda 100644 --- a/docs/index.md +++ b/docs/index.md @@ -53,5 +53,6 @@ IAMRoleAnywhereSession will take multiple arguments: | session_duration | The duration, in seconds, of the role session. The value specified can range from 900 seconds (15 minutes) up to 3600 seconds (1 hour). | int | 3600 | | service_name | An identifier for the service, used to build the botosession. | string | rolesanywhere | | endpoint | Roles Anywhere API endpoint to use | string | {service_name}.{region_name}.amazonaws.com' | +| verify | Whether to validate SSL certificates, or the path to a trusted certificate authority | bool or str | None | | proxies | Proxy endpoint(s) for use behind private networks with a proxy. | dict | `{}` | | proxies_config | A dictionary of additional proxy configurations. | dict | `{}` | diff --git a/src/iam_rolesanywhere_session/iam_rolesanywhere_session.py b/src/iam_rolesanywhere_session/iam_rolesanywhere_session.py index 5d26442..985ed4f 100644 --- a/src/iam_rolesanywhere_session/iam_rolesanywhere_session.py +++ b/src/iam_rolesanywhere_session/iam_rolesanywhere_session.py @@ -99,6 +99,7 @@ def __init__( region: Optional[str] = "us-east-1", service_name: Optional[str] = "rolesanywhere", endpoint: Optional[str] = None, + verify: Optional[Union[str, bool]] = None, proxies: Optional[ProxyConfig] = {}, proxies_config: Optional[AdditionalProxyConfig] = {}, ) -> None: @@ -125,7 +126,7 @@ def __init__( self.proxies = proxies self.proxies_config = proxies_config self._session = URLLib3Session( - proxies=self.proxies, proxies_config=self.proxies_config + proxies=self.proxies, proxies_config=self.proxies_config, verify=verify ) self._request_signer = IAMRolesAnywhereSigner(