python-route53

Added support for STS security tokens.

Open kvij opened this issue 9 years ago • 0 comments

I have added an optional parameter aws_security_token to the Route53Connection class so EC2 profiles with sufficient permissions can use the library without storing credentials.

I use the following snippet to resolve credentials but I'm not sure this should be part of an API library.

import os
import requests

# Author metadata for this snippet; nothing in the code below reads it.
__author__ = "Karel van IJperen"

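class Credentials(object):
    """Resolve AWS credentials from the first source that provides them.

    Sources are tried in this order:

    1. The ``access_key_id`` / ``secret_access_key`` constructor arguments.
    2. The instance role named by the ``profile`` argument, read from the
       EC2 instance metadata service.
    3. The ``AWS_ACCESS_KEY_ID`` / ``AWS_SECRET_ACCESS_KEY`` environment
       variables, plus ``AWS_SESSION_TOKEN`` when it is set.
    4. The role the metadata service reports for this instance.

    Credentials are resolved once, in the constructor, and never refreshed.
    Role credentials are temporary, so callers must build a new object
    before ``expiration`` passes. If no source yields credentials, all four
    attributes stay ``None`` and the caller has to check for that.

    The secret key and token are held in plain attributes; keep instances
    out of logs and error reports.

    Attributes:
        access_key_id: A string representing the id.
        secret_access_key: A string representing the HMAC secret.
        token: A string representing the STS token, or None for
            long-term keys.
        expiration: A string representing the expiration date that comes
            with temporary security credentials, or None.
    """

    # Link-local address of the instance metadata service.
    _IMDS_BASE = 'http://169.254.169.254'
    _IMDS_ROLE_PATH = '/latest/meta-data/iam/security-credentials/'
    _IMDS_TOKEN_PATH = '/latest/api/token'
    # (connect, read) seconds. requests has no default timeout, so without
    # this a host with no metadata service would block indefinitely.
    _IMDS_TIMEOUT = (1, 2)
    # Lifetime requested for the metadata session token; it is only needed
    # for the one or two lookups made while resolving credentials.
    _IMDS_TOKEN_TTL = '60'
    # Characters permitted in an IAM role name. Anything else (notably '/')
    # is rejected so a caller-supplied profile cannot change the metadata
    # path that gets requested.
    _ROLE_NAME_CHARS = ('abcdefghijklmnopqrstuvwxyz'
                        'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
                        '0123456789+=,.@_-')

    def __init__(self, access_key_id = None, secret_access_key = None, profile = None):
        """Resolve credentials; see the class docstring for the order.

        Raises:
            ValueError: ``profile`` contains characters that are not valid
                in a role name, or the metadata service did not return
                credentials for it.
            requests.exceptions.RequestException: the metadata service
                could not be reached when it was needed.
        """
        # Start from a defined state so the attributes exist even when no
        # source yields credentials.
        self._set_attributes()

        if access_key_id and secret_access_key:
            self._set_attributes(access_key_id,
                                 secret_access_key)
            return

        if profile:
            self._credentials_from_profile(profile)
            return

        env_key_id = os.environ.get('AWS_ACCESS_KEY_ID')
        env_secret = os.environ.get('AWS_SECRET_ACCESS_KEY')
        if env_key_id and env_secret:
            # Temporary credentials exported to the environment are only
            # valid together with their session token, so pick it up too.
            self._set_attributes(env_key_id,
                                 env_secret,
                                 os.environ.get('AWS_SESSION_TOKEN') or None)
            return

        self._credentials_from_profile(self._get_profile())

    def _imds_session_headers(self):
        """Return request headers carrying a metadata session token.

        Asks the metadata service for a session token first, because
        instances that require session-oriented (IMDSv2) requests reject
        token-less ones. If no token can be obtained, an empty dict is
        returned and the lookup is sent without one, as the original
        snippet did.
        """
        try:
            r = requests.put(self._IMDS_BASE + self._IMDS_TOKEN_PATH,
                             headers={'X-aws-ec2-metadata-token-ttl-seconds':
                                      self._IMDS_TOKEN_TTL},
                             timeout=self._IMDS_TIMEOUT)
        except requests.exceptions.RequestException:
            return {}
        if r.status_code == 200 and r.text:
            return {'X-aws-ec2-metadata-token': r.text}
        return {}

    def _imds_get(self, path):
        """GET ``path`` from the metadata service with a bounded timeout."""
        headers = getattr(self, '_imds_headers', None)
        if headers is None:
            # Fetch the session token once and reuse it for both lookups.
            headers = self._imds_session_headers()
            self._imds_headers = headers
        return requests.get(self._IMDS_BASE + path,
                            headers=headers,
                            timeout=self._IMDS_TIMEOUT)

    def _get_profile(self):
        """Return the role name the metadata service lists, or None."""
        r = self._imds_get(self._IMDS_ROLE_PATH)
        if r.status_code == 200:
            # Drop the surrounding whitespace/newline before the name is
            # appended to a URL.
            names = r.text.split()
            if names:
                return names[0]
        return None

    def _credentials_from_profile(self, profile):
        """Load the temporary credentials of role ``profile``.

        Does nothing when ``profile`` is empty or None.

        Raises:
            ValueError: the name is not a valid role name, or the metadata
                service answered with a non-200 status.
        """
        if not profile:
            return

        if not all(ch in self._ROLE_NAME_CHARS for ch in profile):
            raise ValueError('invalid instance profile name')

        r = self._imds_get(self._IMDS_ROLE_PATH + profile)
        if r.status_code != 200:
            # Report the status only; the response body is not echoed.
            raise ValueError('instance metadata service returned HTTP %d '
                             'for the role credentials' % r.status_code)

        sts = r.json()
        self._set_attributes(sts['AccessKeyId'],
                             sts['SecretAccessKey'],
                             sts['Token'],
                             sts['Expiration'])

    def _set_attributes(self, access_key_id = None, secret_access_key = None,
                        token = None, expiration = None):
        """Store the resolved values on the instance."""
        self.access_key_id = access_key_id
        self.secret_access_key = secret_access_key
        self.token = token
        self.expiration = expiration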

kvij avatar Oct 21 '16 13:10 kvij