Implements means of authorization delegation on cloud-based resource providers.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for vahid from gravatar.com vahid

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT

Author: Vahid Jalili

Tags Cloud, Authorization, Access

Classifiers

Project description

CloudAuthz

Installation

Install the latest release from PyPi:

pip install cloudauthz

Example

CloudAuthz can authorize access to Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). An example for each provider is given in the following.

Amazon Web Services

from cloudauthz import *

cloudauthz = CloudAuthz()
config = {
    "id_token": " ... ",
    "role_arn": " ... "
}
credentials = cloudauthz.authorize("aws", config)

The credentials object is a dictionary as the following:

{
  "SecretAccessKey": " ... ", 
  "SessionToken": " ... ", 
  "Expiration": "2019-05-28T02:12:45Z", 
  "AccessKeyId": " ... "
}

Microsoft Azure

from cloudauthz import *

cloudauthz = CloudAuthz()
config = {
    "tenant_id": " ... ",
    "client_id": " ... ",
    "client_secret": " ... "
}
credentials = cloudauthz.authorize("azure", config)

The credentials object is a dictionary as the following:

{
    "expiresIn": 3599,
    "_authority": "https://login.microsoftonline.com/TENANT_ID",
    "resource": "https://storage.azure.com/",
    "tokenType": "Bearer",
    "expiresOn": "2018-06-28 12:30:24.895661",
    "isMRRT": true,
    "_clientId": " ... ",
    "accessToken": " ... ",
}

Google Cloud Platform

from cloudauthz import *

cloudauthz = CloudAuthz()
config = {
    "client_service_account": " ... ", 
    "server_credentials": " ... "}
credentials = cloudauthz.authorize("gcp", config)

The credentials object is an instance of oauth2client.client.AccessTokenCredentials. GCP clients can be constructed using this object; however, if an access token is required, you may obtain one using the access_token property of this instance:

credentials.access_token

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for vahid from gravatar.com vahid

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT

Author: Vahid Jalili

Tags Cloud, Authorization, Access

Classifiers

Release history Release notifications | RSS feed

0.6.0

0.5.0

This version

0.4.0

0.3.0

0.2.0

0.1.0

0.0.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cloudauthz-0.4.0.tar.gz (6.8 kB view hashes)

Uploaded Source

Built Distribution

cloudauthz-0.4.0-py2.py3-none-any.whl (9.6 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page