Python botocore.session.Session() Examples

The following are 17 code examples of botocore.session.Session(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module botocore.session , or try the search function .
Example #1
Source File: base_worker.py    From botoflow with Apache License 2.0 6 votes vote down vote up
def __init__(self, session, aws_region, domain, task_list):
        if not isinstance(session, Session):
            raise TypeError("session must be an instance "
                            "of botocore.session.Session")

        self._identity = None
        self._session = session
        self._aws_region = aws_region

        self._domain = domain
        self._task_list = task_list

        # set user agent to botoflow
        # import here to avoid import cycles
        from .. import __version__
        session.user_agent_name = 'botoflow'
        session.user_agent_version = __version__
        self._fix_endpoint() 
Example #2
Source File: factory.py    From chalice with Apache License 2.0 6 votes vote down vote up
def create_botocore_session(profile=None, debug=False,
                            connection_timeout=None,
                            read_timeout=None,
                            max_retries=None):
    # type: (OptStr, bool, OptInt, OptInt, OptInt) -> Session
    s = Session(profile=profile)
    _add_chalice_user_agent(s)
    if debug:
        _inject_large_request_body_filter()
    config_args = {}  # type: Dict[str, Any]
    if connection_timeout is not None:
        config_args['connect_timeout'] = connection_timeout
    if read_timeout is not None:
        config_args['read_timeout'] = read_timeout
    if max_retries is not None:
        config_args['retries'] = {'max_attempts': max_retries}
    if config_args:
        config = BotocoreConfig(**config_args)
        s.set_default_client_config(config)
    return s 
Example #3
Source File: s3.py    From tap-s3-csv with GNU Affero General Public License v3.0 6 votes vote down vote up
def setup_aws_client(config):
    role_arn = "arn:aws:iam::{}:role/{}".format(config['account_id'].replace('-', ''),
                                                config['role_name'])
    session = Session()
    fetcher = AssumeRoleCredentialFetcher(
        session.create_client,
        session.get_credentials(),
        role_arn,
        extra_args={
            'DurationSeconds': 3600,
            'RoleSessionName': 'TapS3CSV',
            'ExternalId': config['external_id']
        },
        cache=JSONFileCache()
    )

    refreshable_session = Session()
    refreshable_session.register_component(
        'credential_provider',
        CredentialResolver([AssumeRoleProvider(fetcher)])
    )

    LOGGER.info("Attempting to assume_role on RoleArn: %s", role_arn)
    boto3.setup_default_session(botocore_session=refreshable_session) 
Example #4
Source File: aws.py    From opinel with GNU General Public License v2.0 6 votes vote down vote up
def build_region_list(service, chosen_regions = [], partition_name = 'aws'):
    """
    Build the list of target region names

    :param service:
    :param chosen_regions:
    :param partition_name:

    :return:
    """
    service = 'ec2containerservice' if service == 'ecs' else service # Of course things aren't that easy...
    # Get list of regions from botocore
    regions = Session().get_available_regions(service, partition_name = partition_name)
    if len(chosen_regions):
        return list((Counter(regions) & Counter(chosen_regions)).elements())
    else:
        return regions 
Example #5
Source File: aws_auth.py    From cerberus-python-client with Apache License 2.0 6 votes vote down vote up
def _get_v4_signed_headers(self):
        """Returns V4 signed get-caller-identity request headers"""
        if self.aws_session is None:
            boto_session = session.Session()
            creds = boto_session.get_credentials()
        else:
            creds = self.aws_session.get_credentials()
        if creds is None:
            raise CerberusClientException("Unable to locate AWS credentials")
        readonly_credentials = creds.get_frozen_credentials()

        # hardcode get-caller-identity request
        data = OrderedDict((('Action', 'GetCallerIdentity'), ('Version', '2011-06-15')))
        url = 'https://sts.{}.amazonaws.com/'.format(self.region)
        request_object = awsrequest.AWSRequest(method='POST', url=url, data=data)

        signer = auth.SigV4Auth(readonly_credentials, 'sts', self.region)
        signer.add_auth(request_object)
        return request_object.headers 
Example #6
Source File: __init__.py    From toil with Apache License 2.0 6 votes vote down vote up
def __init__(self, name, access_key=None, secret_key=None,
                     security_token=None, profile_name=None, **kwargs):
            """
            Create a new BotoCredentialAdapter.
            """
            # TODO: We take kwargs because new boto2 versions have an 'anon'
            # argument and we want to be future proof

            if (name == 'aws' or name is None) and access_key is None and not kwargs.get('anon', False):
                # We are on AWS and we don't have credentials passed along and we aren't anonymous.
                # We will backend into a boto3 resolver for getting credentials.
                # Make sure to enable boto3's own caching, so we can share that
                # cash with pure boto3 code elsewhere in Toil.
                self._boto3_resolver = create_credential_resolver(Session(profile=profile_name), cache=JSONFileCache())
            else:
                # We will use the normal flow
                self._boto3_resolver = None

            # Pass along all the arguments
            super(BotoCredentialAdapter, self).__init__(name, access_key=access_key,
                                                        secret_key=secret_key, security_token=security_token,
                                                        profile_name=profile_name, **kwargs) 
Example #7
Source File: spark_tools.py    From paasta with Apache License 2.0 6 votes vote down vote up
def get_aws_credentials(
    service: str = DEFAULT_SPARK_SERVICE,
    no_aws_credentials: bool = False,
    aws_credentials_yaml: Optional[str] = None,
    profile_name: Optional[str] = None,
) -> Tuple[Optional[str], Optional[str]]:
    if no_aws_credentials:
        return None, None
    elif aws_credentials_yaml:
        return _load_aws_credentials_from_yaml(aws_credentials_yaml)
    elif service != DEFAULT_SPARK_SERVICE:
        service_credentials_path = os.path.join(AWS_CREDENTIALS_DIR, f"{service}.yaml")
        if os.path.exists(service_credentials_path):
            return _load_aws_credentials_from_yaml(service_credentials_path)
        else:
            print(
                PaastaColors.yellow(
                    "Did not find service AWS credentials at %s.  Falling back to "
                    "user credentials." % (service_credentials_path)
                )
            )

    creds = Session(profile=profile_name).get_credentials()
    return creds.access_key, creds.secret_key 
Example #8
Source File: cli.py    From python-aada with MIT License 6 votes vote down vote up
def main(self):
        parser = self._create_parser()
        self._parsed_args = parser.parse_args(self.args)

        if self._parsed_args.profile:
            self._session = Session(profile=self._parsed_args.profile)
        else:
            self._session = get_session()

        if self._parsed_args.debug:
            self._debug = True

        if self._parsed_args.no_headless:
            self._headless = False

        if self._parsed_args.role:
            self._role = self._parsed_args.role

        if self._parsed_args.account:
            self._account = self._parsed_args.account

        return self.__getattribute__('_{}'.format(self._parsed_args.command))() 
Example #9
Source File: aws.py    From opinel with GNU General Public License v2.0 5 votes vote down vote up
def connect_service(service, credentials, region_name = None, config = None, silent = False):
    """
    Instantiates an AWS API client

    :param service:
    :param credentials:
    :param region_name:
    :param config:
    :param silent:

    :return:
    """
    api_client = None
    try:
        client_params = {}
        client_params['service_name'] = service.lower()
        session_params = {}
        session_params['aws_access_key_id'] = credentials['AccessKeyId']
        session_params['aws_secret_access_key'] = credentials['SecretAccessKey']
        session_params['aws_session_token'] = credentials['SessionToken']
        if region_name:
            client_params['region_name'] = region_name
            session_params['region_name'] = region_name
        if config:
            client_params['config'] = config
        aws_session = boto3.session.Session(**session_params)
        if not silent:
            infoMessage = 'Connecting to AWS %s' % service
            if region_name:
                infoMessage = infoMessage + ' in %s' % region_name
            printInfo('%s...' % infoMessage)
        api_client = aws_session.client(**client_params)
    except Exception as e:
        printException(e)
    return api_client 
Example #10
Source File: config.py    From awsudo with MIT License 5 votes vote down vote up
def getEnvironment(self, profile=None):
        """Return environment variables that should be set for the profile."""
        eventHooks = HierarchicalEmitter()
        session = Session(event_hooks=eventHooks)

        if profile:
            session.set_config_variable('profile', profile)

        eventHooks.register('session-initialized',
                            inject_assume_role_provider_cache,
                            unique_id='inject_assume_role_cred_provider_cache')

        session.emit('session-initialized', session=session)
        creds = session.get_credentials()

        env = {}

        def set(key, value):
            if value:
                env[key] = value

        set('AWS_ACCESS_KEY_ID', creds.access_key)
        set('AWS_SECRET_ACCESS_KEY', creds.secret_key)

        # AWS_SESSION_TOKEN is the ostensibly the standard:
        # http://blogs.aws.amazon.com/security/post/Tx3D6U6WSFGOK2H/A-New-and-Standardized-Way-to-Manage-Credentials-in-the-AWS-SDKs
        # http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-environment
        set('AWS_SESSION_TOKEN', creds.token)

        # ...but boto expects AWS_SECURITY_TOKEN. Set both for compatibility.
        # https://github.com/boto/boto/blob/b016c07d834df5bce75141c4b9d2f3d30352e1b8/boto/connection.py#L438
        set('AWS_SECURITY_TOKEN', creds.token)

        set('AWS_DEFAULT_REGION', session.get_config_variable('region'))

        return env 
Example #11
Source File: factory.py    From chalice with Apache License 2.0 5 votes vote down vote up
def _add_chalice_user_agent(session):
    # type: (Session) -> None
    suffix = '%s/%s' % (session.user_agent_name, session.user_agent_version)
    session.user_agent_name = 'aws-chalice'
    session.user_agent_version = chalice_version
    session.user_agent_extra = suffix 
Example #12
Source File: factory.py    From chalice with Apache License 2.0 5 votes vote down vote up
def create_botocore_session(self, connection_timeout=None,
                                read_timeout=None, max_retries=None):
        # type: (OptInt, OptInt, OptInt) -> Session
        return create_botocore_session(profile=self.profile,
                                       debug=self.debug,
                                       connection_timeout=connection_timeout,
                                       read_timeout=read_timeout,
                                       max_retries=max_retries) 
Example #13
Source File: factory.py    From chalice with Apache License 2.0 5 votes vote down vote up
def create_default_deployer(self, session, config, ui):
        # type: (Session, Config, UI) -> deployer.Deployer
        return deployer.create_default_deployer(session, config, ui) 
Example #14
Source File: factory.py    From chalice with Apache License 2.0 5 votes vote down vote up
def create_plan_only_deployer(self, session, config, ui):
        # type: (Session, Config, UI) -> deployer.Deployer
        return deployer.create_plan_only_deployer(session, config, ui) 
Example #15
Source File: factory.py    From chalice with Apache License 2.0 5 votes vote down vote up
def create_log_retriever(self, session, lambda_arn, follow_logs):
        # type: (Session, str, bool) -> LogRetriever
        client = TypedAWSClient(session)
        if follow_logs:
            event_generator = cast(BaseLogEventGenerator,
                                   FollowLogEventGenerator(client))
        else:
            event_generator = cast(BaseLogEventGenerator,
                                   LogEventGenerator(client))
        retriever = LogRetriever.create_from_lambda_arn(event_generator,
                                                        lambda_arn)
        return retriever 
Example #16
Source File: sendDataCatalogUpdateToElasticsearch.py    From accelerated-data-lake with Apache License 2.0 4 votes vote down vote up
def post_to_es(payload):

    # Get aws_region and credentials to post signed URL to ES
    es_region = os.environ['AWS_REGION']
    session = Session({'region': es_region})
    creds = get_credentials(session)

    # Post data with exponential backoff
    retries = 0
    while retries < ES_MAX_RETRIES:
        if retries > 0:
            seconds = (2 ** retries) * .1
            time.sleep(seconds)

        try:
            es_ret_str = post_data_to_es(
                payload,
                es_region,
                creds,
                elasticsearch_endpoint,
                '/_bulk')
            es_ret = json.loads(es_ret_str)

            if es_ret['errors']:
                logger.error(
                    'ES post unsuccessful, errors present, took=%sms',
                    es_ret['took'])
                # Filter errors
                es_errors = \
                    [item for item in es_ret['items'] if
                        item.get('index').get('error')]
                logger.error(
                    'List of items with errors: %s',
                    json.dumps(es_errors))
            else:
                logger.info('ES post successful, took=%sms', es_ret['took'])
            break  # Sending to ES was ok, break retry loop
        except ES_Exception as e:
            if (e.status_code >= 500) and (e.status_code <= 599):
                retries += 1  # Candidate for retry
        else:
            raise  # Stop retrying, re-raise exception 
Example #17
Source File: __init__.py    From aegea with Apache License 2.0 4 votes vote down vote up
def register_parser(function, parent=None, name=None, **add_parser_args):
    def get_aws_profiles(**kwargs):
        from botocore.session import Session
        return list(Session().full_config["profiles"])

    def set_aws_profile(profile_name):
        os.environ["AWS_PROFILE"] = profile_name
        del os.environ["AWS_DEFAULT_PROFILE"]

    def get_region_names(**kwargs):
        from botocore.loaders import create_loader
        for partition_data in create_loader().load_data("endpoints")["partitions"]:
            if partition_data["partition"] == config.partition:
                return partition_data["regions"].keys()

    def set_aws_region(region_name):
        os.environ["AWS_DEFAULT_REGION"] = region_name

    def set_endpoint_url(endpoint_url):
        from .util.aws._boto3_loader import Loader
        Loader.client_kwargs["default"].update(endpoint_url=endpoint_url)

    def set_client_kwargs(client_kwargs):
        from .util.aws._boto3_loader import Loader
        Loader.client_kwargs.update(json.loads(client_kwargs))

    if config is None:
        initialize()
    if parent is None:
        parent = parser
    parser_name = name or function.__name__
    if parent.prog not in _subparsers:
        _subparsers[parent.prog] = parent.add_subparsers()
    if "description" not in add_parser_args:
        func_module = sys.modules[function.__module__]
        add_parser_args["description"] = add_parser_args.get("help", function.__doc__ or func_module.__doc__)
    if add_parser_args["description"] and "help" not in add_parser_args:
        add_parser_args["help"] = add_parser_args["description"].strip().splitlines()[0].rstrip(".")
    add_parser_args.setdefault("formatter_class", AegeaHelpFormatter)
    subparser = _subparsers[parent.prog].add_parser(parser_name.replace("_", "-"), **add_parser_args)
    if "_" in parser_name and USING_PYTHON2:
        _subparsers[parent.prog]._name_parser_map[parser_name] = subparser
    subparser.add_argument("--max-col-width", "-w", type=int, default=32,
                           help="When printing tables, truncate column contents to this width. Set to 0 for auto fit.")
    subparser.add_argument("--json", action="store_true",
                           help="Output tabular data as a JSON-formatted list of objects")
    subparser.add_argument("--log-level", default=config.get("log_level"),
                           help=str([logging.getLevelName(i) for i in range(10, 60, 10)]),
                           choices={logging.getLevelName(i) for i in range(10, 60, 10)})
    subparser.add_argument("--profile", help="Profile to use from the AWS CLI credential file",
                           type=set_aws_profile).completer = get_aws_profiles
    subparser.add_argument("--region", help="Region to use (overrides environment variable)",
                           type=set_aws_region).completer = get_region_names
    subparser.add_argument("--endpoint-url", metavar="URL", help="Service endpoint URL to use", type=set_endpoint_url)
    subparser.add_argument("--client-kwargs", help=argparse.SUPPRESS, type=set_client_kwargs)
    subparser.set_defaults(entry_point=function)
    if parent and sys.version_info < (2, 7, 9):  # See https://bugs.python.org/issue9351
        parent._defaults.pop("entry_point", None)
    subparser.set_defaults(**_get_config_for_prog(subparser.prog))
    return subparser