Python boto3.Session() Examples
The following are 30
code examples of boto3.Session().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
boto3
, or try the search function
.
.
Example #1
| Source File: destroy_sns_event.py From foremast with Apache License 2.0 | 6 votes |
|
def destroy_sns_event(app_name, env, region):
""" Destroy all Lambda SNS subscriptions.
Args:
app_name (str): name of the lambda function
env (str): Environment/Account for lambda function
region (str): AWS region of the lambda function
Returns:
boolean: True if subscription destroyed successfully
"""
session = boto3.Session(profile_name=env, region_name=region)
sns_client = session.client('sns')
lambda_subscriptions = get_sns_subscriptions(app_name=app_name, env=env, region=region)
for subscription_arn in lambda_subscriptions:
sns_client.unsubscribe(SubscriptionArn=subscription_arn)
LOG.debug("Lambda SNS event deleted")
return True
Example #2
| Source File: audit.py From aegea with Apache License 2.0 | 6 votes |
|
def audit_2_3(self):
"""2.3 Ensure the S3 bucket CloudTrail logs to is not publicly accessible (Scored)"""
raise NotImplementedError()
import boto3
s3 = boto3.session.Session(region_name="us-east-1").resource("s3")
# s3 = boto3.resource("s3")
# for trail in self.trails:
# for grant in s3.Bucket(trail["S3BucketName"]).Acl().grants:
# print(s3.Bucket(trail["S3BucketName"]).Policy().policy)
for bucket in s3.buckets.all():
print(bucket)
try:
print(" Policy:", bucket.Policy().policy)
except Exception:
pass
for grant in bucket.Acl().grants:
try:
print(" Grant:", grant)
except Exception:
pass
Example #3
| Source File: __init__.py From aws-ops-automator with Apache License 2.0 | 6 votes |
|
def get_session(role_arn=None, sts_client=None, logger=None):
if role_arn not in [None, ""]:
sts = sts_client if sts_client is not None else boto3.client("sts")
account = account_from_role_arn(role_arn)
try:
token = sts.assume_role(RoleArn=role_arn, RoleSessionName="{}-{}".format(account, str(uuid.uuid4())))
except botocore.exceptions.ClientError as ex:
if logger is not None:
logger.error(ERR_ASSUME_ROLE_FOR_ARN, role_arn, ex)
raise ex
credentials = token["Credentials"]
return boto3.Session(aws_access_key_id=credentials["AccessKeyId"],
aws_secret_access_key=credentials["SecretAccessKey"],
aws_session_token=credentials["SessionToken"])
else:
role = os.getenv(ENV_ROLE_ARN)
if role is not None:
return get_session(role, sts_client)
return boto3.Session()
Example #4
| Source File: s3.py From aegea with Apache License 2.0 | 6 votes |
|
def describe_bucket_worker(bucket):
bucket.LocationConstraint = clients.s3.get_bucket_location(Bucket=bucket.name)["LocationConstraint"]
cloudwatch = resources.cloudwatch
bucket_region = bucket.LocationConstraint or "us-east-1"
if bucket_region != cloudwatch.meta.client.meta.region_name:
cloudwatch = boto3.Session(region_name=bucket_region).resource("cloudwatch")
data = get_cloudwatch_metric_stats("AWS/S3", "NumberOfObjects",
start_time=datetime.utcnow() - timedelta(days=2),
end_time=datetime.utcnow(), period=3600, BucketName=bucket.name,
StorageType="AllStorageTypes", resource=cloudwatch)
bucket.NumberOfObjects = int(data["Datapoints"][-1]["Average"]) if data["Datapoints"] else None
data = get_cloudwatch_metric_stats("AWS/S3", "BucketSizeBytes",
start_time=datetime.utcnow() - timedelta(days=2),
end_time=datetime.utcnow(), period=3600, BucketName=bucket.name,
StorageType="StandardStorage", resource=cloudwatch)
bucket.BucketSizeBytes = format_number(data["Datapoints"][-1]["Average"]) if data["Datapoints"] else None
return bucket
Example #5
| Source File: log.py From app with MIT License | 6 votes |
|
def _get_watchtower_handler():
session = boto3.Session(
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=AWS_REGION,
)
handler = watchtower.CloudWatchLogHandler(
log_group=CLOUDWATCH_LOG_GROUP,
stream_name=CLOUDWATCH_LOG_STREAM,
send_interval=5, # every 5 sec
boto3_session=session,
)
handler.setFormatter(_log_formatter)
return handler
Example #6
| Source File: LambdaWrite.py From LambdaGuard with Apache License 2.0 | 6 votes |
|
def get_attached_local_policies(self):
client = boto3.Session(
profile_name=self.args.profile,
aws_access_key_id=self.args.keys[0],
aws_secret_access_key=self.args.keys[1],
region_name=self.args.region
).client('iam')
pages = paginate(
client,
'list_policies',
Scope='Local',
OnlyAttached=True
)
for page in pages:
for policy in page['Policies']:
version = client.get_policy_version(
PolicyArn=policy['Arn'],
VersionId=policy['DefaultVersionId']
)['PolicyVersion']
yield policy['Arn'], version
Example #7
| Source File: __init__.py From LambdaGuard with Apache License 2.0 | 6 votes |
|
def get_regions(args):
'''
Valid region specification:
Single: eu-west-1
Multiple: eu-west-1,ap-south-1,us-east-2
All: all
Returns regions as a Python list
'''
if not isinstance(args.region, str):
raise ValueError(f'No region specified')
if args.function:
return [arnparse(args.function).region]
available = boto3.Session().get_available_regions('lambda')
if args.region == 'all':
return available
regions = args.region.split(',')
if not regions:
raise ValueError(f'No region specified')
for region in regions:
if region not in available:
raise ValueError(f'Invalid region "{region}"')
return regions
Example #8
| Source File: AWS.py From LambdaGuard with Apache License 2.0 | 6 votes |
|
def __init__(self, arn, profile=None, access_key_id=None, secret_access_key=None):
# AWS ARN
self.arn = arnparse(arn)
# AWS Profile and Keys
self.profile = profile
self.access_key_id = access_key_id
self.secret_access_key = secret_access_key
# AWS Resource-based policy
self.policy = {}
# Additional service information
self.info = ''
# AWS connection
session = boto3.Session(profile_name=self.profile)
self.client = session.client(
self.arn.service,
region_name=self.arn.region,
aws_access_key_id=access_key_id,
aws_secret_access_key=secret_access_key
)
Example #9
| Source File: download_files.py From mendelmd with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def handle(self, *args, **options):
print('Hello World Import Files')
start_time = time.time()
print('Download Files')
command = 'mkdir -p {}/data/files/'.format(settings.BASE_DIR)
run(command, shell=True)
file_list = open('%s/data/files/all_files.txt' % (settings.BASE_DIR), 'w')
s3credentials = S3Credential.objects.all()
for s3credential in s3credentials:
print(s3credential.name)
for bucket_name in s3credential.buckets.splitlines():
session = boto3.Session(
aws_access_key_id=s3credential.access_key,
aws_secret_access_key=s3credential.secret_key
)
s3 = session.resource('s3')
bucket = s3.Bucket(bucket_name)
print(bucket)
for key in bucket.objects.all():
if key.size != 0:
file = [str(key.last_modified), str(key.size), bucket.name, key.key]
file_list.writelines('%s\n' % ('\t'.join(file)))
self.stdout.write(self.style.SUCCESS('Successfully downloaded files!'))
elapsed_time = time.time() - start_time
print('Importing Files Took {}'.format(elapsed_time))
Example #10
| Source File: download_files.py From mendelmd with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def handle(self, *args, **options):
print('Hello World Import Files')
start_time = time.time()
print('Download Files')
command = 'mkdir -p {}/data/files/'.format(settings.BASE_DIR)
run(command, shell=True)
file_list = open('%s/data/files/all_files.txt' % (settings.BASE_DIR), 'w')
s3credentials = S3Credential.objects.all()
for s3credential in s3credentials:
print(s3credential.name)
for bucket_name in s3credential.buckets.splitlines():
session = boto3.Session(
aws_access_key_id=s3credential.access_key,
aws_secret_access_key=s3credential.secret_key
)
s3 = session.resource('s3')
bucket = s3.Bucket(bucket_name)
print(bucket)
for key in bucket.objects.all():
if key.size != 0:
file = [str(key.last_modified), str(key.size), bucket.name, key.key]
file_list.writelines('%s\n' % ('\t'.join(file)))
self.stdout.write(self.style.SUCCESS('Successfully downloaded files!'))
elapsed_time = time.time() - start_time
print('Importing Files Took {}'.format(elapsed_time))
Example #11
| Source File: update_files.py From mendelmd with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def download_files(self):
print('Download Files')
file_list = open('%s/data/files/all_files.txt' % (settings.BASE_DIR), 'w')
s3credentials = S3Credential.objects.all()
for s3credential in s3credentials:
print(s3credential.name)
for bucket_name in s3credential.buckets.splitlines():
session = boto3.Session(
aws_access_key_id=s3credential.access_key,
aws_secret_access_key=s3credential.secret_key
)
s3 = session.resource('s3')
bucket = s3.Bucket(bucket_name)
print(bucket)
for key in bucket.objects.all():
if key.size != 0:
file = [str(key.last_modified), str(key.size), bucket.name, key.key]
file_list.writelines('%s\n' % ('\t'.join(file)))
self.stdout.write(self.style.SUCCESS('Successfully downloaded files!'))
Example #12
| Source File: download_files.py From mendelmd with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def handle(self, *args, **options):
print('Hello World Import Files')
start_time = time.time()
print('Download Files')
command = 'mkdir -p {}/data/files/'.format(settings.BASE_DIR)
run(command, shell=True)
file_list = open('%s/data/files/all_files.txt' % (settings.BASE_DIR), 'w')
s3credentials = S3Credential.objects.all()
for s3credential in s3credentials:
print(s3credential.name)
for bucket_name in s3credential.buckets.splitlines():
session = boto3.Session(
aws_access_key_id=s3credential.access_key,
aws_secret_access_key=s3credential.secret_key
)
s3 = session.resource('s3')
bucket = s3.Bucket(bucket_name)
print(bucket)
for key in bucket.objects.all():
if key.size != 0:
file = [str(key.last_modified), str(key.size), bucket.name, key.key]
file_list.writelines('%s\n' % ('\t'.join(file)))
self.stdout.write(self.style.SUCCESS('Successfully downloaded files!'))
elapsed_time = time.time() - start_time
print('Importing Files Took {}'.format(elapsed_time))
Example #13
| Source File: aws.py From -Deploying-Jenkins-to-the-Cloud-with-DevOps-Tools with MIT License | 6 votes |
|
def aws_client(region, service='ec2', profile=None):
""" Set the boto3 client with the correct service and AWS profile.
Args:
region (str): The AWS region you want this client to connect to.
example us-west-2
Kwargs:
service (str): The service this client will connect to.
profile (str): The aws profile name that is set in ~/.aws/credentials
Basic Usage:
>>> client = aws_client('us-west-2', 'kinesis', profile='prod')
Returns:
botocore.client.EC2
"""
try:
session = boto3.Session(region_name=region, profile_name=profile)
return session.client(service)
except botocore.exceptions.ClientError as e:
raise e
Example #14
| Source File: update_files.py From mendelmd with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def download_files(self):
print('Download Files')
file_list = open('%s/data/files/all_files.txt' % (settings.BASE_DIR), 'w')
s3credentials = S3Credential.objects.all()
for s3credential in s3credentials:
print(s3credential.name)
for bucket_name in s3credential.buckets.splitlines():
session = boto3.Session(
aws_access_key_id=s3credential.access_key,
aws_secret_access_key=s3credential.secret_key
)
s3 = session.resource('s3')
bucket = s3.Bucket(bucket_name)
print(bucket)
for key in bucket.objects.all():
if key.size != 0:
file = [str(key.last_modified), str(key.size), bucket.name, key.key]
file_list.writelines('%s\n' % ('\t'.join(file)))
self.stdout.write(self.style.SUCCESS('Successfully downloaded files!'))
Example #15
| Source File: destroy_cloudwatch_log_event.py From foremast with Apache License 2.0 | 6 votes |
|
def destroy_cloudwatch_log_event(app='', env='dev', region=''):
"""Destroy Cloudwatch log event.
Args:
app (str): Spinnaker Application name.
env (str): Deployment environment.
region (str): AWS region.
Returns:
bool: True upon successful completion.
"""
session = boto3.Session(profile_name=env, region_name=region)
cloudwatch_client = session.client('logs')
# FIXME: see below
# TODO: Log group name is required, where do we get it if it is not in application-master-env.json?
cloudwatch_client.delete_subscription_filter(logGroupName='/aws/lambda/awslimitchecker', filterName=app)
return True
Example #16
| Source File: destroy_s3.py From foremast with Apache License 2.0 | 6 votes |
|
def destroy_s3(app='', env='dev', **_):
"""Destroy S3 Resources for _app_ in _env_.
Args:
app (str): Application name
env (str): Deployment environment/account name
Returns:
boolean: True if destroyed sucessfully
"""
session = boto3.Session(profile_name=env)
client = session.resource('s3')
generated = get_details(app=app, env=env)
archaius = generated.archaius()
bucket = client.Bucket(archaius['bucket'])
for item in bucket.objects.filter(Prefix=archaius['path']):
item.Object().delete()
LOG.info('Deleted: %s/%s', item.bucket_name, item.key)
return True
Example #17
| Source File: dns.py From foremast with Apache License 2.0 | 6 votes |
|
def delete_existing_cname(env, zone_id, dns_name):
"""Delete an existing CNAME record.
This is used when updating to multi-region for deleting old records. The
record can not just be upserted since it changes types.
Args:
env (str): Deployment environment.
zone_id (str): Route53 zone id.
dns_name (str): FQDN of application's dns entry to add/update.
"""
client = boto3.Session(profile_name=env).client('route53')
startrecord = None
newrecord_name = dns_name
startrecord = find_existing_record(env, zone_id, newrecord_name, check_key='Type', check_value='CNAME')
if startrecord:
LOG.info("Deleting old record: %s", newrecord_name)
_response = client.change_resource_record_sets(
HostedZoneId=zone_id, ChangeBatch={'Changes': [{
'Action': 'DELETE',
'ResourceRecordSet': startrecord
}]})
LOG.debug('Response from deleting %s: %s', dns_name, _response)
Example #18
| Source File: dns.py From foremast with Apache License 2.0 | 6 votes |
|
def find_existing_record(env, zone_id, dns_name, check_key=None, check_value=None):
"""Check if a specific DNS record exists.
Args:
env (str): Deployment environment.
zone_id (str): Route53 zone id.
dns_name (str): FQDN of application's dns entry to add/update.
check_key(str): Key to look for in record. Example: "Type"
check_value(str): Value to look for with check_key. Example: "CNAME"
Returns:
json: Found Record. Returns None if no record found
"""
client = boto3.Session(profile_name=env).client('route53')
pager = client.get_paginator('list_resource_record_sets')
existingrecord = None
for rset in pager.paginate(HostedZoneId=zone_id):
for record in rset['ResourceRecordSets']:
if check_key:
if record['Name'].rstrip('.') == dns_name and record.get(check_key) == check_value:
LOG.info("Found existing record: %s", record)
existingrecord = record
break
return existingrecord
Example #19
| Source File: roles.py From foremast with Apache License 2.0 | 6 votes |
|
def get_role_arn(role_name, env, region):
"""Get role ARN given role name.
Args:
role_name (str): Role name to lookup
env (str): Environment in which to lookup
region (str): Region
Returns:
ARN if role found
"""
session = boto3.Session(profile_name=env, region_name=region)
iam_client = session.client('iam')
LOG.debug('Searching for %s.', role_name)
role = iam_client.get_role(RoleName=role_name)
role_arn = role['Role']['Arn']
LOG.debug("Found role's %s ARN %s", role_name, role_arn)
return role_arn
Example #20
| Source File: get_sns_subscriptions.py From foremast with Apache License 2.0 | 6 votes |
|
def get_sns_subscriptions(app_name, env, region):
"""List SNS lambda subscriptions.
Returns:
list: List of Lambda subscribed SNS ARNs.
"""
session = boto3.Session(profile_name=env, region_name=region)
sns_client = session.client('sns')
lambda_alias_arn = get_lambda_alias_arn(app=app_name, account=env, region=region)
lambda_subscriptions = []
subscriptions = sns_client.list_subscriptions()
for subscription in subscriptions['Subscriptions']:
if subscription['Protocol'] == "lambda" and subscription['Endpoint'] == lambda_alias_arn:
lambda_subscriptions.append(subscription['SubscriptionArn'])
if not lambda_subscriptions:
LOG.debug('SNS subscription for function %s not found', lambda_alias_arn)
return lambda_subscriptions
Example #21
| Source File: elb.py From foremast with Apache License 2.0 | 6 votes |
|
def find_elb_dns_zone_id(name='', env='dev', region='us-east-1'):
"""Get an application's AWS elb dns zone id.
Args:
name (str): ELB name
env (str): Environment/account of ELB
region (str): AWS Region
Returns:
str: elb DNS zone ID
"""
LOG.info('Find %s ELB DNS Zone ID in %s [%s].', name, env, region)
client = boto3.Session(profile_name=env).client('elb', region_name=region)
elbs = client.describe_load_balancers(LoadBalancerNames=[name])
return elbs['LoadBalancerDescriptions'][0]['CanonicalHostedZoneNameID']
Example #22
| Source File: credstash.py From credstash with Apache License 2.0 | 6 votes |
|
def get_session(aws_access_key_id=None, aws_secret_access_key=None,
aws_session_token=None, profile_name=None):
if aws_access_key_id is not None:
if aws_access_key_id not in get_session._cached_sessions:
get_session._cached_sessions[aws_access_key_id] = boto3.Session(
aws_access_key_id=aws_access_key_id,
aws_secret_access_key=aws_secret_access_key,
aws_session_token=aws_session_token,
profile_name=profile_name
)
get_session._last_session = get_session._cached_sessions[aws_access_key_id]
return get_session._cached_sessions[aws_access_key_id]
else:
if get_session._last_session is None:
get_session._last_session = boto3.Session(profile_name=profile_name)
return get_session._last_session
Example #23
| Source File: s3.py From omniduct with MIT License | 6 votes |
|
def _get_boto3_session(self):
import boto3
if self.use_opinel:
from opinel.utils.credentials import read_creds
# Refresh access token, and attach credentials to current object for debugging
self._credentials = read_creds(self.aws_profile)
return boto3.Session(
aws_access_key_id=self._credentials['AccessKeyId'],
aws_secret_access_key=self._credentials['SecretAccessKey'],
aws_session_token=self._credentials['SessionToken'],
profile_name=self.aws_profile,
)
return boto3.Session(profile_name=self.aws_profile)
Example #24
| Source File: run.py From aws-cost-report with MIT License | 5 votes |
|
def get_session(profile):
if profile != 'env':
session = boto3.Session(profile_name=profile)
else:
session = boto3.Session()
return session
Example #25
| Source File: db.py From kev with GNU General Public License v3.0 | 5 votes |
|
def __init__(self,**kwargs):
if 'aws_secret_access_key' in kwargs and 'aws_access_key_id' in kwargs:
boto3.Session(aws_secret_access_key=kwargs['aws_secret_access_key'],
aws_access_key_id=kwargs['aws_access_key_id'])
self._db = boto3.resource('s3')
self.bucket = kwargs['bucket']
self._indexer = self.indexer_class(**kwargs['indexer'])
#CRUD Operation Methods
Example #26
| Source File: conftest.py From sagemaker-mxnet-inference-toolkit with Apache License 2.0 | 5 votes |
|
def sagemaker_session(region):
return Session(boto_session=boto3.Session(region_name=region))
Example #27
| Source File: conftest.py From sagemaker-mxnet-inference-toolkit with Apache License 2.0 | 5 votes |
|
def sagemaker_local_session(region):
return LocalSession(boto_session=boto3.Session(region_name=region))
Example #28
| Source File: db.py From kev with GNU General Public License v3.0 | 5 votes |
|
def __init__(self,**kwargs):
#
session_kwargs = {k: v for k, v in kwargs.items() if k in
self.session_kwargs}
if len(session_kwargs.keys()) > 0:
boto3.Session(**session_kwargs)
self._db = boto3.resource('s3')
self.bucket = kwargs['bucket']
self._indexer = self._db.Bucket(self.bucket)
#CRUD Operation Methods
Example #29
| Source File: get_ec2_data.py From aws-cost-report with MIT License | 5 votes |
|
def boto_session_getter(profile, region):
global boto_sessions
if (profile, region) in boto_sessions:
return boto_sessions[(profile, region)]
session = boto3.Session(profile_name=profile, region_name=region)
ec2 = session.client('ec2')
boto_sessions[(profile, region)] = ec2
return ec2
Example #30
| Source File: override_test.py From ssm-cache-python with MIT License | 5 votes |
|
def test_with_placebo(self):
""" Test that set_ssm_client works fine with Placebo """
session = boto3.Session()
pill = placebo.attach(session, data_path=self.PLACEBO_PATH)
pill.playback()
client = session.client('ssm')
SSMParameter.set_ssm_client(client)
param = SSMParameter("my_param")
self.assertEqual(param.value, self.PARAM_VALUE)
