boto3-refresh-session 1.3.4__py3-none-any.whl → 1.3.6__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -3,5 +3,5 @@ from .session import RefreshableSession
3
3
  from .sts import STSRefreshableSession
4
4
 
5
5
  __all__ = ["RefreshableSession"]
6
- __version__ = "1.3.4"
6
+ __version__ = "1.3.6"
7
7
  __author__ = "Mike Letts"
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.3
2
2
  Name: boto3-refresh-session
3
- Version: 1.3.4
3
+ Version: 1.3.6
4
4
  Summary: A simple Python package for refreshing the temporary security credentials in a boto3.session.Session object automatically.
5
5
  License: MIT
6
6
  Keywords: boto3,botocore,aws
@@ -100,35 +100,33 @@ A testimonial from a Cyber Security Engineer at a FAANG company:
100
100
 
101
101
  > _Most of my work is on tooling related to AWS security, so I'm pretty choosy about boto3 credentials-adjacent code. I often opt to just write this sort of thing myself so I at least know that I can reason about it. But I found boto3-refresh-session to be very clean and intuitive [...] We're using the RefreshableSession class as part of a client cache construct [...] We're using AWS Lambda to perform lots of operations across several regions in hundreds of accounts, over and over again, all day every day. And it turns out that there's a surprising amount of overhead to creating boto3 clients (mostly deserializing service definition json), so we can run MUCH more efficiently if we keep a cache of clients, all equipped with automatically refreshing sessions._
102
102
 
103
- The following line plot illustrates the adoption of BRS over the last three months in terms of average daily downloads over a rolling seven day window.
104
-
105
103
  ## Installation
106
104
 
107
105
  ```bash
108
106
  pip install boto3-refresh-session
109
107
  ```
110
108
 
111
- ## Usage
109
+ ## Usage (STS)
112
110
 
113
111
  ```python
114
112
  import boto3_refresh_session as brs
115
113
 
116
- # you can pass all of the params associated with boto3.session.Session
117
- profile_name = '<your-profile-name>'
118
- region_name = 'us-east-1'
114
+ # you can pass all of the params normally associated with boto3.session.Session
115
+ profile_name = "<your-profile-name>"
116
+ region_name = "us-east-1"
119
117
  ...
120
118
 
121
119
  # as well as all of the params associated with STS.Client.assume_role
122
120
  assume_role_kwargs = {
123
- 'RoleArn': '<your-role-arn>',
124
- 'RoleSessionName': '<your-role-session-name>',
125
- 'DurationSeconds': '<your-selection>',
121
+ "RoleArn": "<your-role-arn>",
122
+ "RoleSessionName": "<your-role-session-name>",
123
+ "DurationSeconds": "<your-selection>",
126
124
  ...
127
125
  }
128
126
 
129
127
  # as well as all of the params associated with STS.Client, except for 'service_name'
130
128
  sts_client_kwargs = {
131
- 'region_name': region_name,
129
+ "region_name": region_name,
132
130
  ...
133
131
  }
134
132
 
@@ -140,37 +138,41 @@ session = brs.RefreshableSession(
140
138
  profile_name=profile_name,
141
139
  ...
142
140
  )
143
-
144
- # now you can create clients, resources, etc. without worrying about expired temporary
145
- # security credentials
146
- s3 = session.client(service_name='s3')
147
- buckets = s3.list_buckets()
148
141
  ```
149
142
 
150
- ## Raison d'être
151
-
152
- Long-running data pipelines, security tooling, ETL jobs, and cloud automation scripts frequently interact with the AWS API using boto3 — and often run into the same problem:
153
-
154
- **Temporary credentials expire.**
155
-
156
- When that happens, engineers typically fall back on one of two strategies:
157
-
158
- - Wrapping AWS calls in try/except blocks that catch ClientError exceptions
159
- - Writing ad hoc logic to refresh credentials using botocore credentials internals
160
-
161
- Both approaches are fragile, tedious to maintain, and error-prone at scale.
162
-
163
- Over the years, I noticed that every company I worked for — whether a scrappy startup or FAANG — ended up with some variation of the same pattern:
164
- a small in-house module to manage credential refresh, written in haste, duplicated across services, and riddled with edge cases. Things only
165
- got more strange and difficult when I needed to run things in parallel.
143
+ ## Usage (ECS)
166
144
 
167
- Eventually, I decided to build boto3-refresh-session as a proper open-source Python package:
145
+ ```python
146
+ session = RefreshableSession(
147
+ method="ecs",
148
+ region_name=region_name,
149
+ profile_name=profile_name,
150
+ ...
151
+ )
152
+ ```
168
153
 
169
- - Fully tested
170
- - Extensible
171
- - Integrated with boto3 idioms
172
- - Equipped with automatic documentation and CI tooling
154
+ ## Usage (Custom)
173
155
 
174
- **The goal:** to solve a real, recurring problem once cleanly, consistently, and for everyone - with multiple refresh strategies.
156
+ If you have a highly sophisticated, novel, or idiosyncratic authentication flow not included in boto3-refresh-session then you will need to provide your own custom temporary credentials method. `RefreshableSession` accepts custom credentials methods, as shown below.
175
157
 
176
- If you've ever written the same AWS credential-refresh boilerplate more than once, this library is for you.
158
+ ```python
159
+ # create (or import) your custom credential method
160
+ def your_custom_credential_getter(...):
161
+ ...
162
+ return {
163
+ "access_key": ...,
164
+ "secret_key": ...,
165
+ "token": ...,
166
+ "expiry_time": ...,
167
+ }
168
+
169
+ # and pass it to RefreshableSession
170
+ session = RefreshableSession(
171
+ method="custom",
172
+ custom_credentials_method=your_custom_credential_getter,
173
+ custom_credentials_methods_args=...,
174
+ region_name=region_name,
175
+ profile_name=profile_name,
176
+ ...
177
+ )
178
+ ```
@@ -1,11 +1,11 @@
1
- boto3_refresh_session/__init__.py,sha256=CKuebAI3ak--HtZHABu7NmtisPYZvx27UyPay98xCOc,200
1
+ boto3_refresh_session/__init__.py,sha256=944rMVW-eSGvXJhL0-LFD1qSsN1e604qkP6dst8D_-4,200
2
2
  boto3_refresh_session/custom.py,sha256=ZnN94A69Eku9L-kHZ7JJxn_aWbrt6mJDWOIEWrJrIcY,3229
3
3
  boto3_refresh_session/ecs.py,sha256=WIC5mlbcEnM1oo-QXmmtiw2mjFDn01hBfcFh67ku42A,3713
4
4
  boto3_refresh_session/exceptions.py,sha256=qcFzdIuK5PZirs77H_Kb64S9QFb6cn2OJtirjvaRLiY,972
5
5
  boto3_refresh_session/session.py,sha256=ak8lvgoHMObaJgL4c80ih4bptRHS3ASojnaWdbxn5kA,5246
6
6
  boto3_refresh_session/sts.py,sha256=paIgbmn9a3cATNX-6AEGxnSGNZnX1pj4rRQmh8gQSKs,3132
7
- boto3_refresh_session-1.3.4.dist-info/LICENSE,sha256=I3ZYTXAjbIly6bm6J-TvFTuuHwTKws4h89QaY5c5HiY,1067
8
- boto3_refresh_session-1.3.4.dist-info/METADATA,sha256=Nwbut9vTqmaEGvGrblAy4k6RXOTrMy1w_L3dlH0E43o,7800
9
- boto3_refresh_session-1.3.4.dist-info/NOTICE,sha256=1s8r33qbl1z0YvPB942iWgvbkP94P_e8AnROr1qXXuw,939
10
- boto3_refresh_session-1.3.4.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
11
- boto3_refresh_session-1.3.4.dist-info/RECORD,,
7
+ boto3_refresh_session-1.3.6.dist-info/LICENSE,sha256=I3ZYTXAjbIly6bm6J-TvFTuuHwTKws4h89QaY5c5HiY,1067
8
+ boto3_refresh_session-1.3.6.dist-info/METADATA,sha256=noSVW3kcFe92PA5JXoM1qwIt3xgrtVePNNIJiPwDjX4,7034
9
+ boto3_refresh_session-1.3.6.dist-info/NOTICE,sha256=1s8r33qbl1z0YvPB942iWgvbkP94P_e8AnROr1qXXuw,939
10
+ boto3_refresh_session-1.3.6.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
11
+ boto3_refresh_session-1.3.6.dist-info/RECORD,,