Skip to main content

Extensions to the AWS SDK for Python

Project description

Boto3 Extensions

Overview

This module adds more resource files to the Boto3 library and includes some functionality enhancements.

Quick Start

First, install the library:

$ pip install boto3_extensions

Follow the Boto3 docs on setting up your region and credentials (https://github.com/boto/boto3).

Then, from a Python interpreter:

import boto3
import boto3_extensions

r = boto3.resource('cloudtrail', region_name='us-east-1')
for trail in r.trails.all():
    print(trail.trail_arn)

Resource Files

The following resource files are added to the Boto3 library.

  • acm
  • autoscaling
  • cloudfront
  • cloudtrail
  • cur
  • datapipeline
  • directconnect
  • elasticache
  • elb
  • elbv2
  • emr
  • glue
  • health
  • kinesis
  • lambda
  • rds
  • redshift
  • route53
  • support

The following resource files are updated in the Boto3 library.

  • dynamodb
  • ec2
  • iam
  • s3

RefreshableAssumeRoleProvider

If your code needs to AssumeRole into another role before performing actions against the AWS API (be it in the same or another AWS account), you run the risk that the credentials you are using expire during their use. You can either add code to your application to constantly check the credential expiry time or using this extension offload the credential refresh to boto3 itself. By using the ConnectionManager in boto3_extensions not only will it automattically assumeRole when the credentials get below 15 mins left, but it will also cache the credentials. This means that if your application is calling boto3 to get credentials for another role more than once the ConnectionManager will cache the first call and then hand out the same session for the subsequent calls.

role_arn = 'arn:aws:iam::1234567890:role/test-role'
role_session_name = 'test'
connections = boto3_extensions.ConnectionManager(region_name='us-east-1')
session = connections.get_session(role_arn=role_arn, role_session_name=role_session_name)

r = session.resource('cloudtrail', region_name='us-east-1')
for trail in r.trails.all():
    print(trail.trail_arn)

ARN Patch

It would be nice to have a consistent way to get the ARN of resources. The ARN patch feature of boto3_extensions allows you to get the arn from resources via an arn attribute.

import boto3
import boto3_extensions
from imp import reload
boto3_extensions.arn_patch_boto3()
reload(boto3)

r = boto3.resource('rds', region_name='us-east-1')
for db in r.db_instances.all():
    print(db.arn)

Session Caching

There is basic Session caching builtin that simply stores the Session for a each assumed Role into a dict, but if you require another caching mechanism you can monkey patch the boto3_extensions.Cache class, as long as you supply the Cache.get() and Cache.set() methods.

import boto3
import boto3_extensions
from boto3_extensions import ConnectionManager

class MyCache:
    def __init__(self):
        self._cache = {}

    def get(self, role_arn, role_session_name):
        print("inside MyCache.get()")
        return self._cache.get((role_arn, role_session_name), None)

    def set(self, role_arn, role_session_name, session):
        print("inside MyCache.set()")
        self._cache[(role_arn, role_session_name)] = session

boto3_extensions.Cache = MyCache
connections = ConnectionManager()

connections.get_session(role_arn="arn:aws:iam::012345678912:role/test_role", role_session_name="testing")
inside MyCache.get()
inside MyCache.set()

connections.get_session(role_arn="arn:aws:iam::012345678912:role/test_role", role_session_name="testing")
inside MyCache.get()

In the above we monkey patch the Cache class and call get_session() twice. The output shows that the first time we have a cache get which results in a cache miss and thena cache set after the credential is retrieved from STS. We then run get_session() a second time and as the Session is now cached we only see a cache get resulting in a cache hit.

Getting Help

Please raise issue ticket inside our Bitbucket repo: https://bitbucket.org/atlassian/boto3_extensions/issues

License

Copyright (c) 2023 Atlassian US., Inc. Apache 2.0 licensed, see LICENSE file.

Developing

To develop this library, you will need to install the following:

# Install development environment and setup pre-commit hooks
$ make setup

With thanks from Atlassian

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

boto3_extensions-0.23.0.tar.gz (37.7 kB view details)

Uploaded Source

Built Distribution

boto3_extensions-0.23.0-py3-none-any.whl (58.5 kB view details)

Uploaded Python 3

File details

Details for the file boto3_extensions-0.23.0.tar.gz.

File metadata

  • Download URL: boto3_extensions-0.23.0.tar.gz
  • Upload date:
  • Size: 37.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.7.1 CPython/3.8.18 Linux/5.10.101

File hashes

Hashes for boto3_extensions-0.23.0.tar.gz
Algorithm Hash digest
SHA256 ec029d69ce210221fe9e692c0afa4db11b9505f5c54559b5053fdf67323f42e3
MD5 b0ad2afb159f3578c3e559f7b90ffbd1
BLAKE2b-256 0864a98bfb56b209ffbdc52e02c57e76d786f38397422932c96033234c0b95be

See more details on using hashes here.

File details

Details for the file boto3_extensions-0.23.0-py3-none-any.whl.

File metadata

File hashes

Hashes for boto3_extensions-0.23.0-py3-none-any.whl
Algorithm Hash digest
SHA256 846c44c505e588e451a5f360ce71d5b86545e12881bfcedc7a46ca259e21ad1f
MD5 d8bace2d466164716bcbe9cba6d27a40
BLAKE2b-256 810bbb28edb4d83ad5f647cc81c78e0979fa9a44a19804f167f7df856be7a029

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page