Exemplos de DeferredRefreshableCredentials em Python

Exemplo n.º 1

    def load(self):

        botocore_session = BotocoreSession(profile=self._profile)
        config = botocore_session.get_scoped_config()

        source_profile = config.get('source_profile')
        mfa_serial = config.get('mfa_serial')

        if source_profile and mfa_serial:

            fetcher = SourceProfileMfaCredentialsFetcher(
                profile=source_profile,
                mfa_serial=mfa_serial,
                mfa_prompter=self._mfa_prompter,
                cache=cache,
            )
            refresher = fetcher.fetch_credentials

            role_arn = config.get('role_arn')
            if role_arn:
                external_id = config.get('external_id')
                duration_seconds = config.get('duration_seconds')
                refresher = create_assume_role_refresher(
                    refresher=refresher,
                    role_arn=role_arn,
                    external_id=external_id,
                    session_name=config.get('role_session_name') or self._profile,
                    duration_seconds=duration_seconds,
                )

            return DeferredRefreshableCredentials(
                method=self.METHOD,
                refresh_using=refresher,
            )

Exemplo n.º 2

Arquivo: awscli_plugin_credential_mfa.py Projeto: seporaitis/awscli-plugin-credential-mfa

    def _load_mfa_creds(self, profile_name):
        mfa_config = self._get_mfa_config(profile_name)
        source_credentials = self._resolve_source_credentials(
            mfa_config, profile_name)
        mfa_serial = mfa_config.get('mfa_serial')

        extra_args = {}
        if mfa_serial is not None:
            extra_args['SerialNumber'] = mfa_serial

        fetcher = MfaCredentialFetcher(
            client_creator=self._client_creator,
            source_credentials=source_credentials,
            extra_args=extra_args,
            mfa_prompter=self._prompter,
            cache=self.cache,
        )
        refresher = fetcher.fetch_credentials
        if mfa_serial is not None:
            refresher = create_mfa_serial_refresher(refresher)

        return DeferredRefreshableCredentials(
            method=self.METHOD,
            refresh_using=refresher,
            time_fetcher=_local_now,
        )

Exemplo n.º 3

Arquivo: credentials.py Projeto: kenshin54/aws-simple-mfa

    def _load_creds(self, profile):
        source_credentials = self._resolve_static_credentials_from_profile(
            profile)
        fetcher = SimpleMFACredentialFetcher(
            client_creator=self._client_creator,
            source_credentials=source_credentials,
            mfa_serial=profile[self.MFA_CONFIG_VAR],
            mfa_prompter=self._prompter,
            cache=self.cache,
        )

        refresher = create_mfa_serial_refresher(fetcher.fetch_credentials)
        return DeferredRefreshableCredentials(method=self.METHOD,
                                              refresh_using=refresher,
                                              time_fetcher=_local_now)

Exemplo n.º 4

    def _create_s3_client(self, s3_info):
        # type: (Dict[str, Any]) -> BaseClient
        """Create the S3 client with automatic credentials renewal."""
        # https://boto3.amazonaws.com/v1/documentation/api/latest/guide/resources.html#multithreading-and-multiprocessing
        # The session will be able to automatically refresh credentials
        creds = DeferredRefreshableCredentials(
            self._refresh_credentials,
            "sts-assume-role",
        )
        session = get_session()
        session._credentials = creds

        return boto3.Session(botocore_session=session).client(
            UP_AMAZON_S3,
            endpoint_url=s3_info.get("endpoint") or None,
            config=self._s3_config,
        )

Exemplo n.º 5

    def test_no_race_for_initial_refresh_of_deferred_refreshable(self):
        def get_credentials():
            expiry_time = (datetime.now(tzlocal()) +
                           timedelta(hours=24)).isoformat()
            return {
                'access_key': 'my-access-key',
                'secret_key': 'my-secret-key',
                'token': 'my-token',
                'expiry_time': expiry_time
            }

        deferred_creds = DeferredRefreshableCredentials(
            get_credentials, 'fixed')

        def _run_in_thread(collected):
            frozen = deferred_creds.get_frozen_credentials()
            collected.append(frozen)

        self.assert_non_none_retrieved_credentials(_run_in_thread)

Exemplo n.º 6

Arquivo: credentials.py Projeto: onicagroup/runway

    def load(self):
        """Load AWS SSO credentials."""
        sso_config = self._load_sso_config()
        if not sso_config:
            return None

        sso_fetcher = SSOCredentialFetcher(
            sso_config["sso_start_url"],
            sso_config["sso_region"],
            sso_config["sso_role_name"],
            sso_config["sso_account_id"],
            self._client_creator,
            token_loader=SSOTokenLoader(cache=self._token_cache),
            cache=self.cache,
        )

        return DeferredRefreshableCredentials(
            method=self.METHOD,
            refresh_using=sso_fetcher.fetch_credentials,
        )

Exemplo n.º 7

 def load(self):
     return DeferredRefreshableCredentials(self._fetcher.fetch_credentials,
                                           self.METHOD)

Exemplo n.º 8

Arquivo: credentials_manager.py Projeto: MDunitz/dcp-cli

 def load(self):
     return DeferredRefreshableCredentials(
         refresh_using=self.get_credentials_from_upload_api, method=None)