def __get_bucket_policy(self):
    """Render the bucket policy template into a single-line policy string.

    Reads the template at ``self.__bucket_policy_path``, drops every newline
    and tab, then substitutes the ``BUCKETNAME``, ``REFERERNAME`` and
    ``CANONICALUSER`` placeholders, in that order.

    Returns:
        The rendered policy text.
    """
    referer_id = self.__get_referer_unique_id()
    storage_id = EnvironmentVariables.get_storage_unique_id(self.__bucket_name)
    canonical_user_id = self.__cfg.get_parameter("Instances", "CanonicalUserId")

    # Applied strictly in sequence: a value substituted early is itself
    # scanned by the later replacements.
    substitutions = (
        ('\n', ''),
        ('\t', ''),
        ('BUCKETNAME', storage_id),
        ('REFERERNAME', referer_id),
        ("CANONICALUSER", canonical_user_id),
    )

    with open(self.__bucket_policy_path, "r") as template_file:
        rendered = template_file.read()

    # NOTE(review): this is plain text substitution with no escaping. Assuming
    # the template is a JSON policy document, a value containing a quote or
    # brace would change the policy's structure; consider parsing the result
    # before it is applied to the bucket.
    # NOTE(review): if REFERERNAME feeds an aws:Referer condition, that header
    # is chosen by the client, so the value behaves like a shared secret rather
    # than authentication. Confirm against the template.
    for placeholder, value in substitutions:
        rendered = rendered.replace(placeholder, value)
    return rendered
def __init__(self):
    """Load naming and policy settings and open the S3 connection.

    Configuration comes from ``ConfigMgr`` (section ``Instances``); the
    instance name and the credentials come from ``EnvironmentVariables``.
    """
    config = ConfigMgr()
    self.__cfg = config
    self.__bucket_name = config.get_parameter("Instances", "NamingPrefix")
    self.__bucket_unique_id = EnvironmentVariables.get_storage_unique_id(self.__bucket_name)
    self.__bucket_policy_path = config.get_parameter("Instances", "BucketPolicyPath")
    self.__current_instance_name = EnvironmentVariables.get_current_instance_name()

    # The credentials arrive as one space-separated string holding, in order:
    # access key id, secret access key, security token.
    # NOTE(review): split(" ") splits on every single space, so a doubled or
    # leading space yields an empty field and shifts the indexes below; fewer
    # than three fields raises IndexError.
    # NOTE(review): these are secrets, so keep them out of logs and exception
    # messages. The security token suggests temporary credentials - confirm.
    credential_fields = EnvironmentVariables.get_instance_credentials().split(" ")
    access_key_id = credential_fields[0]
    secret_access_key = credential_fields[1]
    session_token = credential_fields[2]

    self.__s3 = S3Connection(
        aws_access_key_id=access_key_id,
        aws_secret_access_key=secret_access_key,
        security_token=session_token,
    )
def strict_dynamic_role(self, iam_role_name):
    """Render the strict IAM policy template and put it on a role.

    The template at ``self.__iam_strict_policy_path`` has its ``BUCKETNAME``
    placeholder replaced by the storage unique id derived from
    ``self.__prefix_name``. The result is passed to ``put_role_policy`` under
    the policy name ``self.__iam_policy_name``.

    Args:
        iam_role_name: Name of the role that receives the policy; it is
            passed to ``put_role_policy`` unchanged.
    """
    with open(self.__iam_strict_policy_path, "r") as template_file:
        storage_id = EnvironmentVariables.get_storage_unique_id(self.__prefix_name)
        template_text = template_file.read()
        # NOTE(review): plain text substitution, no escaping or validation.
        # The rendered document is what grants the role its permissions, so it
        # is worth checking that it still scopes access to the intended bucket
        # before it is uploaded.
        rendered_policy = template_text.replace("BUCKETNAME", storage_id)
        # presumably self.__conn is an IAM connection - confirm against the
        # constructor.
        self.__conn.put_role_policy(
            iam_role_name,
            self.__iam_policy_name,
            rendered_policy,
        )