本文整理汇总了Python中boto3.Session类的典型用法代码示例。如果您正苦于以下问题:Python Session类的具体用法?Python Session怎么用?Python Session使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Session类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_delete_vpc
def test_delete_vpc(self):
ctx = {
'name': 'vpc01',
'cidr_block': '10.0.10.0/24'
}
filters = [{'Name': 'tag:Name', 'Values': ['vpc01']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_vpc.VpcWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.Vpc'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the VPC
h = ec2_vpc.create_handler(ctx, self.credentials)
h.create_resource()
vpcs = list(ec2.vpcs.filter(Filters=filters))
self.assertEqual(len(vpcs), 1)
# We clear the resource cache to simulate a new
# program execution with the 'delete' option
base.BaseHandler._cache.clear()
# Delete the VPC
h.delete_resource()
vpcs = list(ec2.vpcs.filter(Filters=filters))
self.assertEqual(len(vpcs), 0)示例2: test_create_subnet
def test_create_subnet(self):
vpc_ctx = {
'name': 'vpc01',
'cidr_block': '10.0.10.0/24'
}
subnet_ctx = {
'name': 'subnet01a',
'cidr_block': '10.0.10.0/25',
'zone': 'us-west-2a',
'vpc': 'vpc01',
'tags': {
'description': 'Test subnet (zone a) for VPC vpc01'
}
}
tags = [
{
'Key': 'Name',
'Value': 'subnet01a'
},
{
'Key': 'Description',
'Value': 'Test subnet (zone a) for VPC vpc01'
}
]
vpc_filters = [{'Name': 'tag:Name', 'Values': ['vpc01']}]
subnet_filters = [{'Name': 'tag:Name', 'Values': ['subnet01a']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_subnet.SubnetWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.Subnet'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the VPC
h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
h.create_resource()
vpcs = list(ec2.vpcs.filter(Filters=vpc_filters))
vpc = vpcs[0]
# Create the subnet
h = ec2_subnet.create_handler(subnet_ctx, self.credentials)
h.create_resource()
subnets = list(ec2.subnets.filter(Filters=subnet_filters))
subnet = subnets[0]
self.assertEqual(len(subnets), 1)
self.assertEqual(subnet.name, 'subnet01a')
self.assertEqual(subnet.cidr_block, '10.0.10.0/25')
self.assertEqual(subnet.availability_zone, 'us-west-2a')
self.assertEqual(subnet.vpc_id, vpc.id)
self.assertEqual(subnet.map_public_ip_on_launch, False)
self.assertCountEqual(subnet.tags, tags)示例3: get_urls_list
def get_urls_list():
logging.info("=== boto3 を利用して S3 上の URL リストを取得")
s3 = Session().client('s3')
response = s3.get_object(Bucket=c.get('s3','bucket_name'), Key=c.get('s3','urls_list'))
body = response['Body'].read()
# 内容をバルクで返す
return body.strip()示例4: test_delete_internet_gateway
def test_delete_internet_gateway(self):
ctx = {
'name': 'igw01'
}
filters = [{'Name': 'tag:Name', 'Values': ['igw01']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_igw.InternetGatewayWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.InternetGateway'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the internet gateway
h = ec2_igw.create_handler(ctx, self.credentials)
h.create_resource()
gateways = list(ec2.internet_gateways.filter(Filters=filters))
self.assertEqual(len(gateways), 1)
# We clear the resource cache to simulate a new
# program execution with the 'delete' option
base.BaseHandler._cache.clear()
# Delete the internet gateway
h.delete_resource()
gateways = list(ec2.internet_gateways.filter(Filters=filters))
self.assertEqual(len(gateways), 0)示例5: get_temp_creds
def get_temp_creds(profile, token):
"""Use STS to retrieve temporary credentials for <profile>"""
from boto3 import Session #Late import because importing boto3 is slow
config = get_boto_config()[profile]
hub_client = Session(profile_name=config['source_profile']).client('sts')
response = hub_client.assume_role(
RoleArn = config['role_arn'],
RoleSessionName = 'alfed-aws-{}@{}'.format(str(uuid.uuid4())[:8], profile),
DurationSeconds = 3600,
SerialNumber = config['mfa_serial'],
TokenCode = token,
)
temp_creds = response['Credentials']
return {
'access_key': temp_creds['AccessKeyId'],
'secret_key': temp_creds['SecretAccessKey'],
'session_token': temp_creds['SessionToken'],
#Python's datetime lib is dumb and doesn't know how to turn timezone-aware datetimes
#into epoch timestamps. Since the datetime boto returns and the datetime returned
#by datetime.utcfromtimestamp() are both in UTC, this is safe.
'expires': (temp_creds['Expiration'].replace(tzinfo=None) - datetime.utcfromtimestamp(0)).total_seconds(),
}示例6: generate
def generate(self, incident: str, **kwargs) -> List[str]:
"""Generates the commands that will be run on the host."""
logger.debug("Generating osquery payload.")
session = Session()
# TODO check for existence before deployment
# we run with these commands with diffy credentials so as to not pollute the on-instance credentials
creds = session.get_credentials()
region = kwargs.get("region", CONFIG.get("DIFFY_PAYLOAD_OSQUERY_REGION"))
key = kwargs.get("key", CONFIG.get("DIFFY_PAYLOAD_OSQUERY_KEY"))
if not region:
raise BadArguments(
"DIFFY_PAYLOAD_OSQUERY_REGION required for use with OSQuery plugin."
)
if not key:
raise BadArguments(
"DIFFY_PAYLOAD_OSQUERY_KEY required for use with OSQuery plugin."
)
commands: List[str] = [
f"export AWS_ACCESS_KEY_ID={creds.access_key}",
f"export AWS_SECRET_ACCESS_KEY={creds.secret_key}",
f"export AWS_SESSION_TOKEN={creds.token}",
f"cd $(mktemp -d -t binaries-{incident}-`date +%s`-XXXXXX)",
f"aws s3 --region {region} cp s3://{key} ./latest.tar.bz2 --quiet",
"tar xvf latest.tar.bz2 &>/dev/null",
]
commands += CONFIG.get("DIFFY_PAYLOAD_OSQUERY_COMMANDS")
return commands示例7: deliver_sns_message
def deliver_sns_message(self, topic, subject, rendered_jinja_body, sqs_message):
# Max length of subject in sns is 100 chars
if len(subject) > 100:
subject = subject[:97] + '..'
try:
account = topic.split(':')[4]
if account in self.sns_cache:
sns = self.sns_cache[account]
else:
# if cross_accounts isn't set, we'll try using the current credentials
if account not in self.config.get('cross_accounts', []):
session = Session()
else:
creds = self.aws_sts.assume_role(
RoleArn=self.config['cross_accounts'][account],
RoleSessionName="CustodianNotification")['Credentials']
session = Session(
aws_access_key_id=creds['AccessKeyId'],
aws_secret_access_key=creds['SecretAccessKey'],
aws_session_token=creds['SessionToken'])
self.sns_cache[account] = sns = session.client('sns')
self.logger.info("Sending account:%s policy:%s sns:%s to %s" % (
sqs_message.get('account', ''),
sqs_message['policy']['name'],
sqs_message['action'].get('template', 'default'),
topic))
sns.publish(TopicArn=topic, Subject=subject, Message=rendered_jinja_body)
except Exception as e:
self.logger.warning(
"Error policy:%s account:%s sending sns to %s \n %s" % (
sqs_message['policy'], sqs_message.get('account', 'na'), topic, e))示例8: test_delete_route_table_with_association
def test_delete_route_table_with_association(self):
vpc_ctx = {
'name': 'vpc01',
'cidr_block': '10.0.10.0/24'
}
subnet_ctx = {
'name': 'subnet01a',
'cidr_block': '10.0.10.0/25',
'zone': 'us-west-2a',
'vpc': 'vpc01'
}
rt_ctx = {
'name': 'rt01',
'vpc': 'vpc01',
'subnets': [
'subnet01a'
]
}
filters = [{'Name': 'tag:Name', 'Values': ['rt01']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_rt.RouteTableWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.RouteTable'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the VPC
h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
h.create_resource()
# Create the subnet
h = ec2_subnet.create_handler(subnet_ctx, self.credentials)
h.create_resource()
# Create the route table
h = ec2_rt.create_handler(rt_ctx, self.credentials)
h.create_resource()
route_tables = list(ec2.route_tables.filter(Filters=filters))
self.assertEqual(len(route_tables), 1)
# We clear the resource cache to simulate a new
# program execution with the 'delete' option
base.BaseHandler._cache.clear()
# Delete the route table
h.delete_resource()
route_tables = list(ec2.route_tables.filter(Filters=filters))
self.assertEqual(len(route_tables), 0)示例9: test_create_dhcp_options
def test_create_dhcp_options(self):
ctx = {
'name': 'dhcp01',
'domain_name': [
'test01.us-west-2.aws'
],
'domain_name_servers': [
'10.0.10.2'
],
'tags': {
'description': 'DHCP options set for VPC vpc01'
}
}
tags = [
{
'Key': 'Name',
'Value': 'dhcp01'
},
{
'Key': 'Description',
'Value': 'DHCP options set for VPC vpc01'
}
]
dhcp_configurations = [
{
'Key': 'domain-name',
'Values': [{'Value': 'test01.us-west-2.aws'}]
},
{
'Key': 'domain-name-servers',
'Values': [{'Value': '10.0.10.2'}]
}
]
filters = [{'Name': 'tag:Name', 'Values': ['dhcp01']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_dhcp.DhcpOptionsWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.DhcpOptions'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the DHCP options set
h = ec2_dhcp.create_handler(ctx, self.credentials)
h.create_resource()
dhcp_options_sets = list(ec2.dhcp_options_sets.filter(Filters=filters))
dhcp = dhcp_options_sets[0]
self.assertEqual(len(dhcp_options_sets), 1)
self.assertEqual(dhcp.name, 'dhcp01')
self.assertCountEqual(dhcp.dhcp_configurations, dhcp_configurations)
self.assertCountEqual(dhcp.tags, tags)示例10: test_delete_attached_internet_gateway
def test_delete_attached_internet_gateway(self):
igw_ctx = {
'name': 'igw01'
}
vpc_ctx = {
'name': 'vpc01',
'cidr_block': '10.0.10.0/24',
'internet_gateway': 'igw01'
}
igw_filters = [{'Name': 'tag:Name', 'Values': ['igw01']}]
vpc_filters = [{'Name': 'tag:Name', 'Values': ['vpc01']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_igw.InternetGatewayWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.InternetGateway'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the internet gateway
h = ec2_igw.create_handler(igw_ctx, self.credentials)
h.create_resource()
gateways = list(ec2.internet_gateways.filter(Filters=igw_filters))
igw = gateways[0]
self.assertCountEqual(igw.attachments, [])
# Create the VPC
h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
h.create_resource()
vpcs = list(ec2.vpcs.filter(Filters=vpc_filters))
vpc = vpcs[0]
# Test that the internet gateway has been attached
igw.reload()
attachments = [{'VpcId': vpc.id, 'State': 'available'}]
self.assertCountEqual(igw.attachments, attachments)
# We clear the resource cache to simulate a new
# program execution with the 'delete' option
base.BaseHandler._cache.clear()
# Delete the internet gateway
h = ec2_igw.create_handler(igw_ctx, self.credentials)
h.delete_resource()
gateways = list(ec2.internet_gateways.filter(Filters=igw_filters))
# The gateway was not deleted
self.assertEqual(len(gateways), 1)示例11: configure_sqs_client
def configure_sqs_client(graph):
endpoint_url = graph.config.sqs_consumer.endpoint_url
profile_name = graph.config.sqs_consumer.profile_name
region_name = graph.config.sqs_consumer.region_name
session = Session(profile_name=profile_name)
return session.client(
"sqs",
endpoint_url=endpoint_url,
region_name=region_name,
)示例12: test_create_route_table
def test_create_route_table(self):
vpc_ctx = {
'name': 'vpc01',
'cidr_block': '10.0.10.0/24'
}
rt_ctx = {
'name': 'rt01',
'vpc': 'vpc01',
'tags': {
'description': 'Replace the default route table for VPC vpc01'
}
}
tags = [
{
'Key': 'Name',
'Value': 'rt01'
},
{
'Key': 'Description',
'Value': 'Replace the default route table for VPC vpc01'
}
]
vpc_filters = [{'Name': 'tag:Name', 'Values': ['vpc01']}]
rt_filters = [{'Name': 'tag:Name', 'Values': ['rt01']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_rt.RouteTableWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.RouteTable'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the VPC
h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
h.create_resource()
vpcs = list(ec2.vpcs.filter(Filters=vpc_filters))
vpc = vpcs[0]
# Create the route table
h = ec2_rt.create_handler(rt_ctx, self.credentials)
h.create_resource()
route_tables = list(ec2.route_tables.filter(Filters=rt_filters))
rt = route_tables[0]
self.assertEqual(len(route_tables), 1)
self.assertEqual(rt.name, 'rt01')
self.assertEqual(rt.vpc_id, vpc.id)
self.assertCountEqual(rt.tags, tags)示例13: AWSClient
class AWSClient(object):
"""Manages automatically creating and destroying clients to AWS services."""
def __init__(self, resource, config, credentials=None, region_name=None):
"""Constructor
:param resource: AWS specific token for resource type. e.g., 's3', 'sqs', etc.
:type resource: string
:param config: Resource specific configuration
:type config: :class:`botocore.client.Config`
:param credentials: Authentication values needed to access AWS. If no credentials are passed, then IAM
role-based access is assumed.
:type credentials: :class:`util.aws.AWSCredentials`
:param region_name: The AWS region the resource resides in.
:type region_name: string
"""
self.credentials = credentials
self.region_name = region_name
self._client = None
self._resource_name = resource
self._config = config
def __enter__(self):
"""Callback handles creating a new client for AWS access."""
logger.debug('Setting up AWS client...')
session_args = {}
if self.credentials:
session_args['aws_access_key_id'] = self.credentials.access_key_id
session_args['aws_secret_access_key'] = self.credentials.secret_access_key
if self.region_name:
session_args['region_name'] = self.region_name
self._session = Session(**session_args)
self._client = self._session.client(self._resource_name, config=self._config)
self._resource = self._session.resource(self._resource_name, config=self._config)
return self
def __exit__(self, type, value, traceback):
"""Callback handles destroying an existing client."""
pass
@staticmethod
def instantiate_credentials_from_config(config):
if 'credentials' in config and config['credentials']:
credentials_dict = config['credentials']
if 'access_key_id' not in credentials_dict or not credentials_dict['access_key_id']:
raise InvalidAWSCredentials('"credentials" requires "access_key_id" to be populated')
if 'secret_access_key' not in credentials_dict or not credentials_dict['secret_access_key']:
raise InvalidAWSCredentials('"credentials" requires "secret_access_key" to be populated')
return AWSCredentials(credentials_dict['access_key_id'], credentials_dict['secret_access_key'])示例14: test_create_security_group
def test_create_security_group(self):
vpc_ctx = {
'name': 'vpc01',
'cidr_block': '10.0.10.0/24'
}
sg_ctx = {
'name': 'sg01a',
'description': 'Test security group sg01a',
'vpc': 'vpc01'
}
tags = [
{
'Key': 'Name',
'Value': 'sg01a'
}
]
vpc_filters = [{'Name': 'tag:Name', 'Values': ['vpc01']}]
sg_filters = [{'Name': 'tag:Name', 'Values': ['sg01a']}]
def _add_wrapper(base_classes, **kwargs):
base_classes.insert(0, ec2_sg.SecurityGroupWrapper)
with mock_ec2():
event = 'creating-resource-class.ec2.SecurityGroup'
session = Session(**self.credentials)
session.events.register(event, _add_wrapper)
ec2 = session.resource('ec2')
# Create the VPC
h = ec2_vpc.create_handler(vpc_ctx, self.credentials)
h.create_resource()
vpcs = list(ec2.vpcs.filter(Filters=vpc_filters))
vpc = vpcs[0]
# Create the security group
h = ec2_sg.create_handler(sg_ctx, self.credentials)
h.create_resource()
security_groups = list(ec2.security_groups.filter(Filters=sg_filters))
sg = security_groups[0]
self.assertEqual(len(security_groups), 1)
self.assertEqual(sg.name, 'sg01a')
# Security groups have a dedicated attribute for their name
self.assertEqual(sg.name, sg.group_name)
self.assertEqual(sg.vpc_id, vpc.id)
self.assertCountEqual(sg.tags, tags)示例15: decrypt
def decrypt(self, value, context=None):
if not context:
context = {}
session = Session(profile_name=self.profile_name)
kms = session.client('kms', region_name=self.region)
key_service = KeyService(kms, self.kms_key, context)
return open_aes_ctr_legacy(
key_service,
dict(
key=value.key,
contents=value.contents,
hmac=value.hmac,
)
)