boto3-assist 0.11.0__py3-none-any.whl → 0.13.0__py3-none-any.whl

boto3_assist/boto3session.py

@@ -4,21 +4,14 @@ Maintainers: Eric Wilson
 MIT License.  See Project Root for the license information.
 """
 
-from typing import Any, Optional
-
+from typing import Optional, List, Any
 import boto3
-from aws_lambda_powertools import Logger
 from botocore.config import Config
-from botocore.exceptions import ProfileNotFound
-from boto3_assist.environment_services.environment_variables import EnvironmentVariables
-
-
-logger = Logger(__name__)
+from .session_setup_mixin import SessionSetupMixin
+from .role_assumption_mixin import RoleAssumptionMixin
 
 
-class Boto3SessionManager:
-    """Manages Boto3 Sessions"""
-
+class Boto3SessionManager(SessionSetupMixin, RoleAssumptionMixin):
     def __init__(
         self,
         service_name: str,
@@ -26,8 +19,9 @@ class Boto3SessionManager:
         aws_profile: Optional[str] = None,
         aws_region: Optional[str] = None,
         assume_role_arn: Optional[str] = None,
+        assume_role_chain: Optional[List[str]] = None,
         assume_role_session_name: Optional[str] = None,
-        cross_account_role_arn: Optional[str] = None,
+        assume_role_duration_seconds: Optional[int] = 3600,
         config: Optional[Config] = None,
         aws_endpoint_url: Optional[str] = None,
         aws_access_key_id: Optional[str] = None,
@@ -37,144 +31,57 @@ class Boto3SessionManager:
         self.service_name = service_name
         self.aws_profile = aws_profile
         self.aws_region = aws_region
-        self.assume_role_arn = assume_role_arn
-        self.assume_role_session_name = assume_role_session_name
         self.config = config
-        self.cross_account_role_arn = cross_account_role_arn
         self.endpoint_url = aws_endpoint_url
+        self.assume_role_chain = assume_role_chain or (
+            [assume_role_arn] if assume_role_arn else []
+        )
+        self.assume_role_session_name = (
+            assume_role_session_name or f"AssumeRoleSessionFor{service_name}"
+        )
+        self.assume_role_duration_seconds = assume_role_duration_seconds
         self.aws_access_key_id = aws_access_key_id
         self.aws_secret_access_key = aws_secret_access_key
         self.aws_session_token = aws_session_token
 
-        self.__session: Any = None
+        self.__session: Optional[boto3.Session] = None
         self.__client: Any = None
         self.__resource: Any = None
 
-        self.__setup()
-
-    def __setup(self):
-        """Setup AWS session, client, and resource."""
-
-        profile = self.aws_profile or EnvironmentVariables.AWS.profile()
-        region = self.aws_region or EnvironmentVariables.AWS.region()
-        if self.assume_role_arn:
-            self.__assume_role()
-        else:
-            logger.debug("Connecting without assuming a role.")
-            self.__session = self.__get_aws_session(profile, region)
-
-        if profile:
-            print(f"Connecting with a profile: {profile}")
-
-    def __assume_role(self):
-        """Assume an AWS IAM role."""
-        try:
-            logger.debug(f"Assuming role {self.assume_role_arn}")
-            sts_client = boto3.client("sts")
-            session_name = (
-                self.assume_role_session_name
-                or f"AssumeRoleSessionFor{self.service_name}"
-            )
-            if not self.assume_role_arn:
-                raise ValueError("assume_role_arn is required")
-            assumed_role_response = sts_client.assume_role(
-                RoleArn=self.assume_role_arn,
-                RoleSessionName=session_name,
-            )
-            credentials = assumed_role_response["Credentials"]
-            self.__session = boto3.Session(
-                aws_access_key_id=credentials["AccessKeyId"],
-                aws_secret_access_key=credentials["SecretAccessKey"],
-                aws_session_token=credentials["SessionToken"],
-            )
-
-        except Exception as e:
-            logger.error(f"Error assuming role: {e}")
-            raise RuntimeError(f"Failed to assume role {self.assume_role_arn}") from e
-
-    def __get_aws_session(
-        self, aws_profile: Optional[str] = None, aws_region: Optional[str] = None
-    ) -> boto3.Session | None:
-        """Get a boto3 session for AWS."""
-        logger.debug({"profile": aws_profile, "region": aws_region})
-        try:
-            self.aws_profile = aws_profile or EnvironmentVariables.AWS.profile()
-            self.aws_region = aws_region or EnvironmentVariables.AWS.region()
-            tmp_access_key_id = self.aws_access_key_id
-            tmp_secret_access_key = self.aws_secret_access_key
-            if not EnvironmentVariables.AWS.display_aws_access_key_id():
-                tmp_access_key_id = (
-                    "None" if tmp_access_key_id is None else "***************"
-                )
-            if not EnvironmentVariables.AWS.display_aws_secret_access_key():
-                tmp_secret_access_key = (
-                    "None" if tmp_secret_access_key is None else "***************"
-                )
-
-            logger.debug(
-                {
-                    "profile": self.aws_profile,
-                    "region": self.aws_region,
-                    "aws_access_key_id": tmp_access_key_id,
-                    "aws_secret_access_key": tmp_secret_access_key,
-                    "aws_session_token": "*******"
-                    if self.aws_session_token is not None
-                    else "",
-                }
+        self.__initialize()
+
+    def __initialize(self):
+        base_session = self._create_base_session(
+            self.aws_profile,
+            self.aws_region,
+            self.aws_access_key_id,
+            self.aws_secret_access_key,
+            self.aws_session_token,
+        )
+
+        if self.assume_role_chain:
+            self.__session = self._assume_roles_in_chain(
+                base_session,
+                self.assume_role_chain,
+                self.assume_role_session_name,
+                self.assume_role_duration_seconds,
+                self.aws_region,
             )
-            logger.debug("Creating boto3 session")
-            session = self.__create_boto3_session()
-        # if self.aws_profile or self.aws_region
-        # else boto3.Session()
-
-        except Exception as e:
-            logger.error(e)
-            raise RuntimeError("Failed to create a boto3 session.") from e
-
-        logger.debug({"session": session})
-        return session
+        else:
+            self.__session = base_session
 
     @property
     def client(self) -> Any:
-        """Return the boto3 client connection."""
         if not self.__client:
-            logger.debug(f"Creating {self.service_name} client")
             self.__client = self.__session.client(
-                self.service_name,
-                config=self.config,
-                endpoint_url=self.endpoint_url,
+                self.service_name, config=self.config, endpoint_url=self.endpoint_url
             )
-
         return self.__client
 
     @property
     def resource(self) -> Any:
-        """Return the boto3 resource connection."""
         if not self.__resource:
-            logger.debug(f"Creating {self.service_name} resource")
             self.__resource = self.__session.resource(
-                self.service_name,
-                config=self.config,
-                endpoint_url=self.endpoint_url,
+                self.service_name, config=self.config, endpoint_url=self.endpoint_url
             )
         return self.__resource
-
-    def __create_boto3_session(self) -> boto3.Session | None:
-        try:
-            logger.debug(f"Creating session for {self.service_name}")
-            session = boto3.Session(
-                profile_name=self.aws_profile,
-                region_name=self.aws_region,
-                aws_access_key_id=self.aws_access_key_id,
-                aws_secret_access_key=self.aws_secret_access_key,
-                aws_session_token=self.aws_session_token,
-            )
-            return session
-        except ProfileNotFound as e:
-            print(
-                f"An error occurred setting up the boto3 sessions. Profile not found: {e}"
-            )
-            raise e
-        except Exception as e:
-            print(f"An error occurred setting up the boto3 sessions: {e}")
-            raise e

boto3_assist/connection.py

@@ -30,6 +30,7 @@ class Connection:
         aws_access_key_id: Optional[str] = None,
         aws_secret_access_key: Optional[str] = None,
         aws_end_point_url: Optional[str] = None,
+        assume_role_arn: Optional[str] = None,
     ) -> None:
         self.__aws_profile = aws_profile
         self.__aws_region = aws_region
@@ -37,7 +38,7 @@ class Connection:
         self.__aws_secret_access_key = aws_secret_access_key
         self.end_point_url = aws_end_point_url
         self.__session: Boto3SessionManager | None = None
-
+        self.__assume_role_arn: Optional[str] = assume_role_arn
         self.__service_name: str | None = service_name
 
         if self.__service_name is None:
@@ -73,6 +74,7 @@ class Connection:
             aws_access_key_id=self.aws_access_key_id,
             aws_secret_access_key=self.aws_secret_access_key,
             aws_endpoint_url=self.end_point_url,
+            assume_role_arn=self.__assume_role_arn,
         )
 
         tracker.add(service_name=self.service_name)

boto3_assist/dynamodb/dynamodb.py

@@ -24,7 +24,6 @@ from boto3_assist.utilities.string_utility import StringUtility
 logger = Logger()
 
 
-
 class DynamoDB(DynamoDBConnection):
     """
         DynamoDB. Wrapper for basic DynamoDB Connection and Actions
@@ -41,6 +40,7 @@ class DynamoDB(DynamoDBConnection):
         aws_end_point_url: Optional[str] = None,
         aws_access_key_id: Optional[str] = None,
         aws_secret_access_key: Optional[str] = None,
+        assume_role_arn: Optional[str] = None,
     ) -> None:
         super().__init__(
             aws_profile=aws_profile,
@@ -48,6 +48,7 @@ class DynamoDB(DynamoDBConnection):
             aws_end_point_url=aws_end_point_url,
             aws_access_key_id=aws_access_key_id,
             aws_secret_access_key=aws_secret_access_key,
+            assume_role_arn=assume_role_arn,
         )
         self.helpers: DynamoDBHelpers = DynamoDBHelpers()
         self.log_dynamodb_item_size = (
@@ -55,7 +56,6 @@ class DynamoDB(DynamoDBConnection):
         )
         logger.setLevel(os.getenv("LOG_LEVEL", "INFO"))
 
-    
     def save(
         self,
         item: dict | DynamoDBModelBase,
@@ -169,7 +169,6 @@ class DynamoDB(DynamoDBConnection):
         call_type: str = "resource",
     ) -> Dict[str, Any]: ...
 
-    
     def get(
         self,
         key: Optional[dict] = None,
@@ -344,7 +343,6 @@ class DynamoDB(DynamoDBConnection):
     ) -> dict:
         pass
 
-    
     def delete(
         self,
         *,

boto3_assist/dynamodb/dynamodb_connection.py

@@ -32,6 +32,7 @@ class DynamoDBConnection(Connection):
         aws_end_point_url: Optional[str] = None,
         aws_access_key_id: Optional[str] = None,
         aws_secret_access_key: Optional[str] = None,
+        assume_role_arn: Optional[str] = None,
     ) -> None:
         super().__init__(
             service_name="dynamodb",
@@ -40,6 +41,7 @@ class DynamoDBConnection(Connection):
             aws_access_key_id=aws_access_key_id,
             aws_secret_access_key=aws_secret_access_key,
             aws_end_point_url=aws_end_point_url,
+            assume_role_arn=assume_role_arn,
         )
 
         self.__dynamodb_client: DynamoDBClient | None = None

boto3_assist/role_assumption_mixin.py

@@ -0,0 +1,38 @@
+"""
+Geek Cafe, LLC
+Maintainers: Eric Wilson
+MIT License.  See Project Root for the license information.
+"""
+
+import boto3
+from typing import List
+
+
+class RoleAssumptionMixin:
+    def _assume_roles_in_chain(
+        self,
+        base_session: boto3.Session,
+        role_chain: List[str],
+        session_name: str,
+        duration_seconds: int,
+        region: str,
+    ) -> boto3.Session:
+        session = base_session
+
+        for role_arn in role_chain:
+            sts_client = session.client("sts")
+            response = sts_client.assume_role(
+                RoleArn=role_arn,
+                RoleSessionName=session_name,
+                DurationSeconds=duration_seconds,
+            )
+            creds = response["Credentials"]
+
+            session = boto3.Session(
+                aws_access_key_id=creds["AccessKeyId"],
+                aws_secret_access_key=creds["SecretAccessKey"],
+                aws_session_token=creds["SessionToken"],
+                region_name=region,
+            )
+
+        return session

boto3_assist/session_setup_mixin.py

@@ -0,0 +1,29 @@
+"""
+Geek Cafe, LLC
+Maintainers: Eric Wilson
+MIT License.  See Project Root for the license information.
+"""
+
+import boto3
+from typing import Optional
+
+
+class SessionSetupMixin:
+    def _create_base_session(
+        self,
+        aws_profile: Optional[str],
+        aws_region: Optional[str],
+        aws_access_key_id: Optional[str],
+        aws_secret_access_key: Optional[str],
+        aws_session_token: Optional[str],
+    ) -> boto3.Session:
+        try:
+            return boto3.Session(
+                profile_name=aws_profile,
+                region_name=aws_region,
+                aws_access_key_id=aws_access_key_id,
+                aws_secret_access_key=aws_secret_access_key,
+                aws_session_token=aws_session_token,
+            )
+        except Exception as e:
+            raise RuntimeError(f"Failed to create boto3 session: {e}") from e

boto3_assist/version.py

@@ -1 +1 @@
-__version__ = '0.11.0'
+__version__ = '0.13.0'

{boto3_assist-0.11.0.dist-info → boto3_assist-0.13.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: boto3_assist
-Version: 0.11.0
+Version: 0.13.0
 Summary: Additional boto3 wrappers to make your life a little easier
 Author-email: Eric Wilson <boto3-assist@geekcafe.com>
 License-File: LICENSE-EXPLAINED.txt

{boto3_assist-0.11.0.dist-info → boto3_assist-0.13.0.dist-info}/RECORD

@@ -1,9 +1,11 @@
 boto3_assist/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-boto3_assist/boto3session.py,sha256=JnZIRbut5R_C_r50bY2xiF6CjR93jQSOeVmhdK97mDg,6712
-boto3_assist/connection.py,sha256=-z_OZtZmSVjSSECpoqx1FnqW7B9A_LovfN_cJ_nhHgg,4361
+boto3_assist/boto3session.py,sha256=p4FKVSX5A-xNHdpRan8pgMoY4iIywNfwriyTfjQ-zTQ,2967
+boto3_assist/connection.py,sha256=UJg6YHxVpz3F51Lih5cjfPhbkheRvXoJTpCilErNzkc,4523
 boto3_assist/connection_tracker.py,sha256=UgfR9RlvXf3A4ssMr3gDMpw89ka8mSRvJn4M34SzhbU,4378
 boto3_assist/http_status_codes.py,sha256=G0zRSWenwavYKETvDF9tNVUXQz3Ae2gXdBETYbjvJe8,3284
-boto3_assist/version.py,sha256=UHGsGhGjMtfvoaFMaJdv4diSXG2uXo8Y2yCo7kiUOdk,23
+boto3_assist/role_assumption_mixin.py,sha256=PMUU5yC2FUBjFD1UokVkRY3CPB5zTw85AhIB5BMtbc8,1031
+boto3_assist/session_setup_mixin.py,sha256=KgHOf560f2W_Qj04mnu4CiGHXAI_irjmQeEfhAJN3kA,865
+boto3_assist/version.py,sha256=8jbyfDafOI8eZRtXgKR6mD8oxCBRAURo9UJ6grdsnZU,23
 boto3_assist/aws_lambda/event_info.py,sha256=OkZ4WzuGaHEu_T8sB188KBgShAJhZpWASALKRGBOhMg,14648
 boto3_assist/aws_lambda/mock_context.py,sha256=LPjHP-3YSoY6iPl1kPqJDwSVf1zLNTcukUunDtYcbK0,116
 boto3_assist/cloudwatch/cloudwatch_connection.py,sha256=mnGWaLSQpHh5EeY7Ek_2o9JKHJxOELIYtQVMX1IaHn4,2480
@@ -16,8 +18,8 @@ boto3_assist/cognito/cognito_connection.py,sha256=deuXR3cNHz0mCYff2k0LfAvK--9Okq
 boto3_assist/cognito/cognito_utility.py,sha256=IVZAg58nHG1U7uxe7FsTYpqwwZiwwdIBGiVTZuLCFqg,18417
 boto3_assist/cognito/jwks_cache.py,sha256=1Y9r-YfQ8qrgZN5xYPvjUEEV0vthbdcPdAIaPbZP7kU,373
 boto3_assist/cognito/user.py,sha256=qc44qLx3gwq6q2zMxcPQze1EjeZwy5Kuav93vbe-4WU,820
-boto3_assist/dynamodb/dynamodb.py,sha256=ARbxuAQitqDBdEb_vHiRaC7x9nDMr71SgRA7tD6NVKk,15681
-boto3_assist/dynamodb/dynamodb_connection.py,sha256=x6Ylb_uVAY5TS0AIBUNOSyywKIqros3xX8diLTjZUsc,3275
+boto3_assist/dynamodb/dynamodb.py,sha256=8uzKaw9knqPvlkroQK5aMR-ASRxFwCCcMacm6wWpp8g,15757
+boto3_assist/dynamodb/dynamodb_connection.py,sha256=kOFB07ulFM3ohtqr_Ytk4OaCfPL_DdCQ-GXGq6Gi-Ag,3367
 boto3_assist/dynamodb/dynamodb_helpers.py,sha256=RoRRqKjdwfC-2-gvlkLvCoNWhIoMrHm-68dkyhXI_Xk,12080
 boto3_assist/dynamodb/dynamodb_importer.py,sha256=nCKsyRQeMqDSf0Q5mQ_X_oVIg4PRnu0hcUzZnBli610,3471
 boto3_assist/dynamodb/dynamodb_index.py,sha256=D0Lq121qk1cXeMetPeqnzvv6CXd0XfEygfdUXaljLG8,8551
@@ -53,8 +55,8 @@ boto3_assist/utilities/logging_utility.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5N
 boto3_assist/utilities/numbers_utility.py,sha256=wzv9d0uXT_2_ZHHio7LBzibwxPqhGpvbq9HinrVn_4A,10160
 boto3_assist/utilities/serialization_utility.py,sha256=nieqW9b71Dr0X2HPsNmCei6zoIbsPRl9fDAigBQkaUg,21730
 boto3_assist/utilities/string_utility.py,sha256=0ChxbuT37xdG4y3cKzbNTHk4T3fl8lNMdOT7L5aJBQk,10382
-boto3_assist-0.11.0.dist-info/METADATA,sha256=bXUuUsYCrxXCm125R0K6pI13n3oh8rfRdJPj9mNrCdA,2875
-boto3_assist-0.11.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-boto3_assist-0.11.0.dist-info/licenses/LICENSE-EXPLAINED.txt,sha256=WFREvTpfTjPjDHpOLADxJpCKpIla3Ht87RUUGii4ODU,606
-boto3_assist-0.11.0.dist-info/licenses/LICENSE.txt,sha256=PXDhFWS5L5aOTkVhNvoitHKbAkgxqMI2uUPQyrnXGiI,1105
-boto3_assist-0.11.0.dist-info/RECORD,,
+boto3_assist-0.13.0.dist-info/METADATA,sha256=gLgFlW_mfJdcOGYgYtXdSFA7CgxdVRNg-kO-kwU2isA,2875
+boto3_assist-0.13.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+boto3_assist-0.13.0.dist-info/licenses/LICENSE-EXPLAINED.txt,sha256=WFREvTpfTjPjDHpOLADxJpCKpIla3Ht87RUUGii4ODU,606
+boto3_assist-0.13.0.dist-info/licenses/LICENSE.txt,sha256=PXDhFWS5L5aOTkVhNvoitHKbAkgxqMI2uUPQyrnXGiI,1105
+boto3_assist-0.13.0.dist-info/RECORD,,