Advance preparation

In IAM, create default, dev, prod users. Attach the AmazonS3FullAccess policy to dev to allow access to S3. Prepare bucket1, bucket2, bucket3 in S3.

Use credentials file

credentials file ~/.aws/credentials or C:\Users\USER_NAME\.aws\credentials

[default]
aws_access_key_id = DEFAULT_ID
aws_secret_access_key = SECRET_KEY1
 
[dev]
aws_access_key_id = DEV_ID
aws_secret_access_key = SECRET_KEY2
 
[prod]
aws_access_key_id = PROD_ID
aws_secret_access_key = SECRET_KEY3

Python program

import boto3.session

dev_sess = boto3.session.Session(profile_name='dev')
s3 = dev_sess.resource('s3')
for bucket in s3.buckets.all():
    print(bucket.name)

The default profile_name is profile_name ='default'.

Directly specify the access ID and secret key

Python program

import boto3.session

dev_sess = boto3.session.Session(
                            aws_access_key_id='DEV_ID',
                            aws_secret_access_key='SECRET_KEY2')
s3 = dev_sess.resource('s3')
for bucket in s3.buckets.all():
    print(bucket.name)

ID / password is embedded in the program. Avoid it in production.

Execution result

Specify'dev'

bucket1
bucket2
bucket3

Specify'prod'

ClientError: An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied

Specify'foo'

ProfileNotFound: The config profile (foo) could not be found

[PYTHON] [AWS] Switch access rights in boto3 Session

Advance preparation

Use credentials file

Directly specify the access ID and secret key

Execution result