def __attrs_post_init__(self):
# type: () -> None
"""Make sure that primary index attributes are not being encrypted."""
if self.encryption_context.partition_key_name is not None:
if self.attribute_actions.action(self.encryption_context.partition_key_name) is CryptoAction.ENCRYPT_AND_SIGN: # noqa pylint: disable=line-too-long
raise InvalidArgumentError('Cannot encrypt partition key')
if self.encryption_context.sort_key_name is not None:
if self.attribute_actions.action(
self.encryption_context.sort_key_name
) is CryptoAction.ENCRYPT_AND_SIGN:
raise InvalidArgumentError('Cannot encrypt sort key')
def validate_get_arguments(kwargs):
# type: (Dict[Text, Any]) -> None
"""Verify that attribute filtering parameters are not found in the request.
:raises InvalidArgumentError: if banned parameters are found
"""
for arg in ("AttributesToGet", "ProjectionExpression"):
if arg in kwargs:
raise InvalidArgumentError('"{}" is not supported for this operation'.format(arg))
if kwargs.get("Select", None) in ("SPECIFIC_ATTRIBUTES", "ALL_PROJECTED_ATTRIBUTES"):
raise InvalidArgumentError('Scan "Select" value of "{}" is not supported'.format(kwargs["Select"]))
def set_index_keys(self, *keys):
"""Set the appropriate action for the specified indexed attribute names.
.. warning::
If you have already set a custom action for any of these attributes, this will
raise an error.
.. code::
Default Action -> Index Key Action
DO_NOTHING -> DO_NOTHING
SIGN_ONLY -> SIGN_ONLY
ENCRYPT_AND_SIGN -> SIGN_ONLY
:param str *keys: Attribute names to treat as indexed
:raises InvalidArgumentError: if a custom action was previously set for any specified
attributes
"""
for key in keys:
index_action = min(self.action(key), CryptoAction.SIGN_ONLY)
try:
if self.attribute_actions[key] is not index_action:
raise InvalidArgumentError(
'Cannot overwrite a previously requested action on indexed attribute: "{}"'.format(key)
)
except KeyError:
self.attribute_actions[key] = index_action