async def _validate_aws_credentials(hass, credential): """Validate AWS credential config.""" import aiobotocore aws_config = credential.copy() del aws_config[CONF_NAME] del aws_config[CONF_VALIDATE] profile = aws_config.get(CONF_PROFILE_NAME) if profile is not None: session = aiobotocore.AioSession(profile=profile) del aws_config[CONF_PROFILE_NAME] if CONF_ACCESS_KEY_ID in aws_config: del aws_config[CONF_ACCESS_KEY_ID] if CONF_SECRET_ACCESS_KEY in aws_config: del aws_config[CONF_SECRET_ACCESS_KEY] else: session = aiobotocore.AioSession() if credential[CONF_VALIDATE]: async with session.create_client("iam", **aws_config) as client: await client.get_user() return session
async def async_get_service(hass, config, discovery_info=None): """Get the AWS notification service.""" if discovery_info is None: _LOGGER.error("Please config aws notify platform in aws component") return None session = None conf = discovery_info service = conf[CONF_SERVICE] region_name = conf[CONF_REGION] available_regions = await get_available_regions(hass, service) if region_name not in available_regions: _LOGGER.error( "Region %s is not available for %s service, must in %s", region_name, service, available_regions, ) return None aws_config = conf.copy() del aws_config[CONF_SERVICE] del aws_config[CONF_REGION] if CONF_PLATFORM in aws_config: del aws_config[CONF_PLATFORM] if CONF_NAME in aws_config: del aws_config[CONF_NAME] if CONF_CONTEXT in aws_config: del aws_config[CONF_CONTEXT] if not aws_config: # no platform config, use the first aws component credential instead if hass.data[DATA_SESSIONS]: session = next(iter(hass.data[DATA_SESSIONS].values())) else: _LOGGER.error("Missing aws credential for %s", config[CONF_NAME]) return None if session is None: credential_name = aws_config.get(CONF_CREDENTIAL_NAME) if credential_name is not None: session = hass.data[DATA_SESSIONS].get(credential_name) if session is None: _LOGGER.warning("No available aws session for %s", credential_name) del aws_config[CONF_CREDENTIAL_NAME] if session is None: if (profile := aws_config.get(CONF_PROFILE_NAME)) is not None: session = aiobotocore.AioSession(profile=profile) del aws_config[CONF_PROFILE_NAME] else: session = aiobotocore.AioSession()
async def run(args): LOGGER.info('Starting') # authenticated sessions wb_session = aiobotocore.AioSession(profile=args.whitebox_profile) bb_session = aiobotocore.AioSession(profile=args.blackbox_profile) # unauthenticated session config = AioConfig(signature_version=UNSIGNED) session = aiobotocore.get_session() async with session.create_client('s3', region_name='us-east-1', config=config) as anonymous_client: async with wb_session.create_client( 's3', region_name='us-east-1') as wb_client: async with bb_session.create_client( 's3', region_name='us-east-1') as bb_client: with open( f's3-whitebox_results_{args.whitebox_profile}_{time.strftime("%Y-%m-%d-%H%M%S")}.csv', 'a') as csv_out: csv_writer = csv.writer(csv_out, delimiter=',') csv_writer.writerow( ['bucket', 'object', 'content-type', 'url', 'access']) buckets = await wb_client.list_buckets() bucket_tasks = [] for bucket in buckets.get('Buckets'): try: bucket_location = await wb_client.get_bucket_location( Bucket=bucket.get('Name')) bucket_region = bucket_location.get( 'LocationConstraint', 'us-east-1') if not bucket_region: bucket_region = 'us-east-1' except Exception as e: bucket_region = 'us-east-1' finally: bucket_tasks.append( test_bucket(bucket.get('Name'), bucket_region, wb_client, bb_client, anonymous_client, csv_writer)) await asyncio.gather(*bucket_tasks) LOGGER.info('Done')
def session(self): if self._session is None: if self.profile: _LOGGER.debug("Load aiobotocore session from profile %s", self.profile) self._session = aiobotocore.AioSession(profile=self.profile) else: _LOGGER.debug("Load default aiobotocore session") self._session = aiobotocore.get_session() return self._session
async def _validate_aws_credentials(hass, credential): """Validate AWS credential config.""" aws_config = credential.copy() del aws_config[CONF_NAME] del aws_config[CONF_VALIDATE] if (profile := aws_config.get(CONF_PROFILE_NAME)) is not None: session = aiobotocore.AioSession(profile=profile) del aws_config[CONF_PROFILE_NAME] if CONF_ACCESS_KEY_ID in aws_config: del aws_config[CONF_ACCESS_KEY_ID] if CONF_SECRET_ACCESS_KEY in aws_config: del aws_config[CONF_SECRET_ACCESS_KEY]
def session(self): if self._session is None: if self.profile: _LOGGER.debug("Load aiobotocore session from profile %s", self.profile) self._session = aiobotocore.AioSession(profile=self.profile) elif os.environ.get("AWS_ACCESS_KEY_ID") and os.environ.get( "AWS_SECRET_ACCESS_KEY" ): _LOGGER.debug("Load aiobotocore session from environment") kwargs = { "aws_access_key_id": os.environ.get("AWS_ACCESS_KEY_ID"), "aws_secret_access_key": os.environ.get("AWS_SECRET_ACCESS_KEY"), "region_name": os.getenv("AWS_DEFAULT_REGION", self.region), } if os.environ.get("AWS_SESSION_TOKEN"): kwargs["aws_session_token"] = os.environ.get("AWS_SESSION_TOKEN") self._session = aiobotocore.get_session(**kwargs) else: _LOGGER.debug("Load default aiobotocore session") self._session = aiobotocore.get_session() return self._session
async def async_get_service(opp, config, discovery_info=None): """Get the AWS notification service.""" if discovery_info is None: _LOGGER.error("Please config aws notify platform in aws component") return None session = None conf = discovery_info service = conf[CONF_SERVICE] region_name = conf[CONF_REGION] available_regions = await get_available_regions(opp, service) if region_name not in available_regions: _LOGGER.error( "Region %s is not available for %s service, must in %s", region_name, service, available_regions, ) return None aws_config = conf.copy() del aws_config[CONF_SERVICE] del aws_config[CONF_REGION] if CONF_PLATFORM in aws_config: del aws_config[CONF_PLATFORM] if CONF_NAME in aws_config: del aws_config[CONF_NAME] if CONF_CONTEXT in aws_config: del aws_config[CONF_CONTEXT] if not aws_config: # no platform config, use the first aws component credential instead if opp.data[DATA_SESSIONS]: session = next(iter(opp.data[DATA_SESSIONS].values())) else: _LOGGER.error("Missing aws credential for %s", config[CONF_NAME]) return None if session is None: credential_name = aws_config.get(CONF_CREDENTIAL_NAME) if credential_name is not None: session = opp.data[DATA_SESSIONS].get(credential_name) if session is None: _LOGGER.warning("No available aws session for %s", credential_name) del aws_config[CONF_CREDENTIAL_NAME] if session is None: profile = aws_config.get(CONF_PROFILE_NAME) if profile is not None: session = aiobotocore.AioSession(profile=profile) del aws_config[CONF_PROFILE_NAME] else: session = aiobotocore.AioSession() aws_config[CONF_REGION] = region_name if service == "lambda": context_str = json.dumps({"custom": conf.get(CONF_CONTEXT, {})}, cls=JSONEncoder) context_b64 = base64.b64encode(context_str.encode("utf-8")) context = context_b64.decode("utf-8") return AWSLambda(session, aws_config, context) if service == "sns": return AWSSNS(session, aws_config) if service == "sqs": return AWSSQS(session, aws_config) # should not reach here since service was checked in schema return None
# have to use discovery to load platform. for notify_config in conf[CONF_NOTIFY]: hass.async_create_task( discovery.async_load_platform(hass, "notify", DOMAIN, notify_config, config)) return validation async def _validate_aws_credentials(hass, credential): """Validate AWS credential config.""" aws_config = credential.copy() del aws_config[CONF_NAME] del aws_config[CONF_VALIDATE] if (profile := aws_config.get(CONF_PROFILE_NAME)) is not None: session = aiobotocore.AioSession(profile=profile) del aws_config[CONF_PROFILE_NAME] if CONF_ACCESS_KEY_ID in aws_config: del aws_config[CONF_ACCESS_KEY_ID] if CONF_SECRET_ACCESS_KEY in aws_config: del aws_config[CONF_SECRET_ACCESS_KEY] else: session = aiobotocore.AioSession() if credential[CONF_VALIDATE]: async with session.create_client("iam", **aws_config) as client: await client.get_user() return session