def load_creds(profile: Optional[str] = None) -> ReadOnlyCredentials:
session = mk_boto_session(profile=profile)
creds = get_creds_with_retry(session)
if creds is None:
raise ValueError("Failed to obtain credentials")
return creds.get_frozen_credentials()
def test_get_aws_settings(monkeypatch, without_aws_env):
pp = write_files({
"config":
"""
[default]
region = us-west-2
[profile east]
region = us-east-1
[profile no_region]
""",
"credentials":
"""
[default]
aws_access_key_id = AKIAWYXYXYXYXYXYXYXY
aws_secret_access_key = fake-fake-fake
[east]
aws_access_key_id = AKIAEYXYXYXYXYXYXYXY
aws_secret_access_key = fake-fake-fake
"""
})
assert (pp / "credentials").exists()
assert (pp / "config").exists()
monkeypatch.setenv("AWS_CONFIG_FILE", str(pp / "config"))
monkeypatch.setenv("AWS_SHARED_CREDENTIALS_FILE", str(pp / "credentials"))
aws, creds = get_aws_settings()
assert aws['region_name'] == 'us-west-2'
assert aws['aws_access_key_id'] == 'AKIAWYXYXYXYXYXYXYXY'
assert aws['aws_secret_access_key'] == 'fake-fake-fake'
sess = mk_boto_session(profile="no_region",
creds=creds.get_frozen_credentials(),
region_name="mordor")
assert sess.get_credentials().get_frozen_credentials(
) == creds.get_frozen_credentials()
aws, creds = get_aws_settings(profile='east')
assert aws['region_name'] == 'us-east-1'
assert aws['aws_access_key_id'] == 'AKIAEYXYXYXYXYXYXYXY'
assert aws['aws_secret_access_key'] == 'fake-fake-fake'
aws, creds = get_aws_settings(aws_unsigned=True)
assert creds is None
assert aws['region_name'] == 'us-west-2'
assert aws['aws_unsigned'] is True
aws, creds = get_aws_settings(profile="no_region",
region_name="us-west-1",
aws_unsigned=True)
assert creds is None
assert aws['region_name'] == 'us-west-1'
assert aws['aws_unsigned'] is True
with mock.patch('datacube.utils.aws._fetch_text',
return_value=_json(region="mordor")):
aws, creds = get_aws_settings(profile="no_region", aws_unsigned=True)
assert aws['region_name'] == 'mordor'
assert aws['aws_unsigned'] is True