Extensions to the AWS SDK for Python
Project description
Overview
This module adds more resource files to the Boto3 library and includes some functionality enhancements.
Quick Start
First, install the library:
$ pip install boto3_extensions
Follow the Boto3 docs on setting up your region and credentials (https://github.com/boto/boto3).
Then, from a Python interpreter:
>>> import boto3
>>> import boto3_extensions
>>> r = boto3.resource('cloudtrail', region_name='us-east-1')
>>> for trail in r.trails.all():
print(trail.trail_arn)
Resource Files
The following resource files are added to the Boto3 library.
acm
autoscaling
cloudfront
cloudtrail
cur
datapipeline
directconnect
elasticache
elb
elbv2
emr
glue
health
kinesis
lambda
rds
redshift
route53
support
The following resource files are updated in the Boto3 library.
dynamodb
ec2
iam
s3
RefreshableAssumeRoleProvider
If your code needs to AssumeRole into another role before performing actions against the AWS API (be it in the same or another AWS account), you run the risk that the credentials you are using expire during their use. You can either add code to your application to constantly check the credential expiry time or using this extension offload the credential refresh to boto3 itself. By using the ConnectionManager in boto3_extensions not only will it automattically assumeRole when the credentials get below 15 mins left, but it will also cache the credentials. This means that if your application is calling boto3 to get credentials for another role more than once the ConnectionManager will cache the first call and then hand out the same session for the subsequent calls.
>>> role_arn = 'arn:aws:iam::1234567890:role/test-role'
>>> role_session_name = 'test'
>>> connections = boto3_extensions.ConnectionManager(region_name='us-east-1')
>>> session = connections.get_session(role_arn=role_arn, role_session_name=role_session_name)
>>>
>>> r = session.resource('cloudtrail', region_name='us-east-1')
>>> for trail in r.trails.all():
>>> print(trail.trail_arn)
ARN Patch
It would be nice to have a consistent way to get the ARN of resources. The ARN patch feature of boto3_extensions allows you to get the arn from resources via an arn attribute.
>>> import boto3
>>> import boto3_extensions
>>> from imp import reload
>>> boto3_extensions.arn_patch_boto3()
>>> reload(boto3)
>>>
>>> r = boto3.resource('rds', region_name='us-east-1')
>>> for db in r.db_instances.all():
>>> print(db.arn)
Session Caching
There is basic Session caching builtin that simply stores the Session
for a each assumed Role into a dict, but if you require another caching mechanism you can monkey patch the boto3_extensions.Cache
class, as long as you supply the Cache.get()
and Cache.set()
methods.
>>> import boto3
>>> import boto3_extensions
>>> from boto3_extensions import ConnectionManager
>>> class MyCache:
def __init__(self):
self._cache = {}
def get(self, role_arn, role_session_name):
print("inside MyCache.get()")
return self._cache.get((role_arn, role_session_name), None)
def set(self, role_arn, role_session_name, session):
print("inside MyCache.set()")
self._cache[(role_arn, role_session_name)] = session
>>> boto3_extensions.Cache = MyCache
>>> connections = ConnectionManager()
>>> connections.get_session(role_arn="arn:aws:iam::012345678912:role/test_role", role_session_name="testing")
inside MyCache.get()
inside MyCache.set()
>>> connections.get_session(role_arn="arn:aws:iam::012345678912:role/test_role", role_session_name="testing")
inside MyCache.get()
In the above we monkey patch the Cache
class and call get_session()
twice. The output shows that the first time we have a cache get which results in a cache miss and thena cache set after the credential is retrieved from STS. We then run get_session()
a second time and as the Session
is now cached we only see a cache get resulting in a cache hit.
Getting Help
Please raise issue ticket inside our Bitbucket repo: https://bitbucket.org/atlassian/boto3_extensions/issues
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.