def create_botocore_session(profile=None, debug=False): # type: (str, bool) -> session.Session s = session.Session(profile=profile) _add_chalice_user_agent(s) if debug: s.set_debug_logger('') _inject_large_request_body_filter() return s
def load_boto_session_from_config(config: Dict[str, Any]) -> boto.Session: if config.get('from_environment', False): session = boto.get_session() else: access_key = config['access_key'] secret_key = config['secret_key'] session = boto.Session() session.set_credentials(access_key, secret_key) _patch_boto(session) return session
def __init__(self, configuration): super(AmazonElasticsearchService, self).__init__(configuration) region = configuration['region'] cred = None if configuration.get('use_aws_iam_profile', False): cred = credentials.get_credentials(session.Session()) else: cred = credentials.Credentials( access_key=configuration.get('access_key', ''), secret_key=configuration.get('secret_key', '')) self.auth = AWSV4Sign(cred, region, 'es')
def __init__(self, configuration): super(AmazonElasticsearchService, self).__init__(configuration) region = configuration["region"] cred = None if configuration.get("use_aws_iam_profile", False): cred = credentials.get_credentials(session.Session()) else: cred = credentials.Credentials( access_key=configuration.get("access_key", ""), secret_key=configuration.get("secret_key", ""), ) self.auth = AWSV4Sign(cred, region, "es")
def _get_v4_signed_headers(self): """Returns V4 signed get-caller-identity request headers""" if self.aws_session is None: boto_session = session.Session() creds = boto_session.get_credentials() else: creds = self.aws_session.get_credentials() if creds is None: raise CerberusClientException("Unable to locate AWS credentials") readonly_credentials = creds.get_frozen_credentials() # hardcode get-caller-identity request data = OrderedDict((('Action','GetCallerIdentity'), ('Version', '2011-06-15'))) url = 'https://sts.{}.amazonaws.com/'.format(self.region) request_object = awsrequest.AWSRequest(method='POST', url=url, data=data) signer = auth.SigV4Auth(readonly_credentials, 'sts', self.region) signer.add_auth(request_object) return request_object.headers
''' Credits to Mathew Marcus (2019) https://www.mathewmarcus.com/blog/ http://archive.is/nXkCb Small syntax and organization modifications were made to the original code. ''' import asyncio import json import os from typing import Dict, List, Optional import urllib import aiohttp from botocore import session, awsrequest, auth AWS_CREDENTIALS = session.Session().get_credentials() LAMBDA_ENDPOINT = 'https://lambda.{region}.amazonaws.com/2015-03-31/functions' def sign_headers(*, url: str, payload: Dict, invocation_type: str): '''Sign AWS API request headers''' segments = urllib.parse.urlparse(url).netloc.split('.') service = segments[0] region = segments[1] request = awsrequest.AWSRequest(method='POST', url=url, data=json.dumps(payload), headers={ 'X-Amz-Invocation-Type': invocation_type,