A poetry plugin to help with AWS CodeArtifact authorization automatically
Project description
Poetry AWS Plugin
This is a poetry plugin to help with AWS CodeArtifact authorization by automatically getting the authorization token.
When installing or publishing packages through poetry, the plugin will check whether the command requires CodeArtifact authorization, and if so, adds it automatically.
The plugin will try two methods of authorization, in this order:
- Use AWS credentials to run
sts.AssumeRole, then use that role to runcodeartifact.GetAuthorizationToken. - Use AWS credentials to run
codeartifact.GetAuthorizationToken.
Installation
To install the plugin
poetry self add poetry-aws-plugin
To uninstall the plugin
poetry self remove poetry-aws-plugin
Usage
You must ensure that your AWS credentials are configured and discoverable by boto3. The boto3 documentation has details on how to configure your credentials and the order in which they searched.
When poetry runs a command that uses CodeArtifact, the plugin will automatically check whether the command needs authorization, and if so, requests a CodeArtifact authorization token and adds it to the command.
Your AWS credentials must be authorized to do atleast one of the following:
- Run
codeartifact.GetAuthorizationToken. - Run
sts.AssumeRoleto assume a role with authorization to runcodeartifact.GetAuthorizationToken.
To use IAM roles to authorize, set the environment variable POETRY_AWS_PLUGIN_ROLE_ARN to the role's ARN before running any poetry commands.
For example:
POETRY_AWS_PLUGIN_ROLE_ARN='arn:aws:codeartifact:<region>:<account-id>:repository/<domain>/<domain-owner>/<repository>' poetry install
or
echo "export POETRY_AWS_PLUGIN_ROLE_ARN='arn:aws:codeartifact:<region>:<account-id>:repository/<domain>/<domain-owner>/<repository>'" >> ~/.bashrc
source ~/.bashrc
poetry install
You can find more details in AWS's CodeArtifact authentication and tokens documentation and CodeArtifact IAM documentation.
Misc
You can also authorize by setting the environment variable POETRY_AWS_PLUGIN_AUTH_TOKEN to the CodeArtifact authorization token. This may be useful in CI/CD pipelines and reducing poetry configuration.
For example:
POETRY_AWS_PLUGIN_AUTH_TOKEN='<codeartifact-authorization-token>' poetry install
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file poetry_aws_plugin-0.1.11.tar.gz.
File metadata
- Download URL: poetry_aws_plugin-0.1.11.tar.gz
- Upload date:
- Size: 4.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.2 CPython/3.10.13 Linux/6.2.0-1019-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f4f724757486897b4da3b39baf39caf604fca81d52d4cb7406258b3a5d254b0d |
|
| MD5 | dddbcb818bb35a7c7cbaece199188941 |
|
| BLAKE2b-256 | 7835a9e6f3133387ba46b83ae5ce4437492d9b9d5f9988014d1740b739d837cb |
File details
Details for the file poetry_aws_plugin-0.1.11-py3-none-any.whl.
File metadata
- Download URL: poetry_aws_plugin-0.1.11-py3-none-any.whl
- Upload date:
- Size: 5.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.8.2 CPython/3.10.13 Linux/6.2.0-1019-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | bd938f58623bc9bd1da033b51ee807bc53a6ef1874ccd9e2344ca1c06960602b |
|
| MD5 | 4b15e165350064c28785352319d14676 |
|
| BLAKE2b-256 | f017ed9bc8a9ed9202f31906f4471076e794ac5f3023d32efb7662007b140140 |
