import boto3def aws_session(role_arn=None, session_name='my_session'): """

1. import boto3
2.  
3. def aws_session(role_arn=None, session_name='my_session'):
4. """
5. If role_arn is given assumes a role and returns boto3 session
6. otherwise return a regular session with the current IAM user/role
7. """
8. if role_arn:
9. client = boto3.client('sts')
10. response = client.assume_role(RoleArn=role_arn, RoleSessionName=session_name)
11. session = boto3.Session(
12. aws_access_key_id=response['Credentials']['AccessKeyId'],
13. aws_secret_access_key=response['Credentials']['SecretAccessKey'],
14. aws_session_token=response['Credentials']['SessionToken'])
15. return session
16. else:
17. return boto3.Session()
18.  
19. def lambda_handler(event, context):
20. session_assumed = aws_session(role_arn='arn:aws:iam::01234567890:role/my_role', session_name='my_lambda')
21. session_regular = aws_session()
22.  
23. print(session_assumed.client('sts').get_caller_identity()['Account'])
24. print(session_regular.client('sts').get_caller_identity()['Account'])