def test_examples(self):
with open("examples/iam_config.yaml") as f:
config_y = yaml.load(f, Loader=yaml.FullLoader)
with open("examples/iam_config.json") as f:
config_j = json.load(f)
with open("examples/iam_policy.json") as f:
expected = json.load(f)
out_y = build_iam_policy(config_y)
out_j = build_iam_policy(config_j)
self.assertDictEqual(config_j, config_y)
self.assertDictEqual(out_y, expected)
self.assertDictEqual(out_j, expected)
def assert_config_as_expected(ut, config_name):
with open(os.path.join(config_base_path, config_name + ".yaml")) as f:
config = yaml.load(f, Loader=yaml.FullLoader)
with open(os.path.join(test_policy_base_path, config_name + ".json")) as f:
expected = json.load(f)
out = build_iam_policy(config)
ut.assertDictEqual(out, expected)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("-c", "--config", help="path to your yaml/json config")
parser.add_argument("-o", "--output", help="output_path")
args = parser.parse_args()
config_path = args.config
output_path = args.output
# Assume config is a yaml file if not json
with open(config_path, "r") as f:
if config_path.endswith(".json"):
config = json.load(f)
else:
config = yaml.load(f, Loader=yaml.FullLoader)
iam = build_iam_policy(config)
with open(output_path, "w+") as outfile:
json.dump(iam, outfile, indent=4, separators=(",", ": "))
def assert_config_error(ut, config_name, error_type):
with open(os.path.join(config_base_path, config_name + ".yaml")) as f:
with ut.assertRaises(error_type):
config = yaml.load(f, Loader=yaml.FullLoader)
build_iam_policy(config)
def generate_iam_config(
config,
iam_config_output="iam_config.yaml",
iam_policy_output=None,
overwrite_config=False,
):
"""
Takes file paths from config and generates an iam_config,
and optionally an iam_policy
Parameters
----------
config: dict
A config loaded from load_and_validate_config()
iam_config_path: str
Path to where you want to output the iam_config
iam_policy_path: str
Optional path to output the iam policy json generated from the
iam_config just generated
"""
if os.path.exists(iam_config_output) and overwrite_config is not True:
raise ValueError(
f"{iam_config_output} exists: to overwrite set overwrite_config=True"
)
log_path = config["log-base-path"].replace("s3://", "")
land_path = config["land-base-path"].replace("s3://", "")
pass_path = config["pass-base-path"].replace("s3://", "")
read_write = [os.path.join(land_path, "*"), os.path.join(pass_path, "*")]
if config["fail-base-path"]:
fail_path = config["fail-base-path"].replace("s3://", "")
read_write.append(os.path.join(fail_path, "*"))
out_iam = {
"iam-role-name": config["iam-role-name"],
"athena": {
"write": True
},
"s3": {
"write_only": [os.path.join(log_path, "*")],
"read_write": read_write
},
}
with open(iam_config_output, "w") as f:
yaml.dump(out_iam, f)
if iam_policy_output:
if iam_policy_output.endswith(".json"):
with open(iam_policy_output, "w") as f:
iam_policy = build_iam_policy(out_iam)
json.dump(iam_policy, f, indent=4, separators=(",", ": "))
else:
raise ValueError("iam_policy_path should be a json file")
