A library to work with AWS ARNs

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for gabrielsoltz from gravatar.com gabrielsoltz

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

aws-arn

PyPI version Python Version License: MIT Test

A library and CLI tool to work with AWS ARNs (Amazon Resource Names).

Contains definitions for almost all AWS services and resources, including their ARN format, ID regexp, ASFF name, CloudFormation resource type, and Terraform resource type.

The full reference table is available as:

The docs are regenerated automatically by a GitHub Action whenever aws_arn/data.py changes.

Installation

pip install aws-arn

Use Cases

  • Parse an ARN into all its components (service, resource, region, account, resource ID, Terraform type, CloudFormation type, ASFF name)
  • Generate ARNs from:
    • Service + resource name (e.g. acm + certificate)
    • Terraform resource type (e.g. aws_acm_certificate)
    • CloudFormation resource type (e.g. AWS::CertificateManager::Certificate)
    • ASFF resource name (e.g. AwsCertificateManagerCertificate)
  • Validate a resource ID against its expected regexp
  • Look up the service and sub-service for any ARN, Terraform, CloudFormation, or ASFF identifier

Python Library

Generate ARN

import aws_arn

# From service and resource name
aws_arn.generate_arn('i-1234568901', 'ec2', 'instance', 'us-east-1', '012345789012', 'aws')
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

# From Terraform resource type
aws_arn.generate_arn_from_terraform('i-1234568901', 'aws_instance', 'us-east-1', '012345789012', 'aws')
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

# From CloudFormation resource type
aws_arn.generate_arn_from_cloudformation('i-1234568901', 'AWS::EC2::Instance', 'us-east-1', '012345789012', 'aws')
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

# From ASFF resource name
aws_arn.generate_arn_from_asff('i-1234568901', 'AwsEc2Instance', 'us-east-1', '012345789012', 'aws')
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

Parse ARN

import aws_arn

aws_arn.parse_arn('arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901')
# {
#   'service': 'ec2',
#   'sub_service': 'instance',
#   'region': 'us-east-1',
#   'account': '012345789012',
#   'resource_id': 'i-1234568901',
#   'asff_resource': 'AwsEc2Instance',
#   'terraform': 'aws_instance',
#   'cloudformation': 'AWS::EC2::Instance'
# }

Validate Resource ID

import aws_arn

aws_arn.check_resource_id_regexp('i-1234567890abcdef0', 'ec2', 'instance')  # True
aws_arn.check_resource_id_regexp('not-valid', 'ec2', 'instance')            # False

Look Up Service

import aws_arn

aws_arn.get_service_from_terraform('aws_acm_certificate')
# ('acm', 'certificate')

aws_arn.get_service_from_cloudformation('AWS::CertificateManager::Certificate')
# ('acm', 'certificate')

aws_arn.get_service_from_asff('AwsCertificateManagerCertificate')
# ('acm', 'certificate')

CLI Tool

Generate ARN

# From service and resource name
aws-arn --generate-arn \
  --service ec2 --sub-service instance \
  --id i-1234568901 --region us-east-1 --account 012345789012 --partition aws
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

# From Terraform resource type
aws-arn --generate-arn-from-terraform \
  --terraform aws_instance \
  --id i-1234568901 --region us-east-1 --account 012345789012 --partition aws
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

# From CloudFormation resource type
aws-arn --generate-arn-from-cloudformation \
  --cloudformation AWS::EC2::Instance \
  --id i-1234568901 --region us-east-1 --account 012345789012 --partition aws
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

# From ASFF resource name
aws-arn --generate-arn-from-asff \
  --asff-resource AwsEc2Instance \
  --id i-1234568901 --region us-east-1 --account 012345789012 --partition aws
# arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901

Parse ARN

aws-arn --parse-arn arn:aws:ec2:us-east-1:012345789012:instance/i-1234568901
# {'service': 'ec2', 'sub_service': 'instance', 'region': 'us-east-1',
#  'account': '012345789012', 'resource_id': 'i-1234568901',
#  'asff_resource': 'AwsEc2Instance', 'terraform': 'aws_instance',
#  'cloudformation': 'AWS::EC2::Instance'}

Look Up Service

# From an ARN
aws-arn --get-service arn:aws:acm:us-east-1:012345789012:certificate/abc-123
# ('acm', 'certificate')

# From a Terraform resource type
aws-arn --get-service aws_acm_certificate
# ('acm', 'certificate')

# From a CloudFormation resource type
aws-arn --get-service AWS::CertificateManager::Certificate
# ('acm', 'certificate')

Validate Resource ID

aws-arn --validate-id --service ec2 --sub-service instance --id i-1234567890abcdef0
# True

List Services and Resources

aws-arn --list-services
aws-arn --list-sub-services

Contributing

Work in progress — not all services and resources are included yet. Please open an issue or pull request if you find any errors or omissions.

The data is defined in aws_arn/data.py as a Python dictionary. Each entry follows this structure:

"acm": {                          # Service name (follows boto3 naming)
    "certificate": {              # Resource name (follows boto3 naming)
        "arn_format":     "arn:{partition}:acm:{region}:{account}:certificate/{resource_id}",
        "id_name":        "CertificateId",
        "id_regexp":      "([a-z0-9-]+)",
        "asff_name":      "AwsCertificateManagerCertificate",
        "cloudformation": "AWS::CertificateManager::Certificate",
        "terraform":      "aws_acm_certificate",
    }
},

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for gabrielsoltz from gravatar.com gabrielsoltz

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

0.0.19

0.0.18

0.0.17

0.0.16

0.0.15

0.0.14

0.0.13

0.0.11

0.0.10

0.0.9

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.3

0.0.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aws_arn-0.1.0.tar.gz (43.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

aws_arn-0.1.0-py3-none-any.whl (39.1 kB view details)

Uploaded Python 3

File details

Details for the file aws_arn-0.1.0.tar.gz.

File metadata

  • Download URL: aws_arn-0.1.0.tar.gz
  • Upload date:
  • Size: 43.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aws_arn-0.1.0.tar.gz
Algorithm Hash digest
SHA256 acb8df8c7c0323705efd71694e724c4a93cb832e5a31b36c11dd1fbf0b32cb76
MD5 54d7f219002f8f100971768ce49540e2
BLAKE2b-256 a013b6a2bd1a176f34fc46e1d8767b9c604386a363b857d6dff38e71d3e7726c

See more details on using hashes here.

Provenance

The following attestation bundles were made for aws_arn-0.1.0.tar.gz:

Publisher: python-publish.yml on gabrielsoltz/aws-arn

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file aws_arn-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: aws_arn-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 39.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aws_arn-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f7d1bcbc6caabefadd9e432aa63540e078596fbcee26e6556fdce483c0d877c2
MD5 030717c329cdac0bafbe72a6f6b43142
BLAKE2b-256 f7733f971cc3714bc21554e384c5dae574d5600f1aed1327a295c9fe33e02f41

See more details on using hashes here.

Provenance

The following attestation bundles were made for aws_arn-0.1.0-py3-none-any.whl:

Publisher: python-publish.yml on gabrielsoltz/aws-arn

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page