runbooks 1.0.0__py3-none-any.whl → 1.0.2__py3-none-any.whl

runbooks/common/profile_utils.py

@@ -1,59 +1,51 @@
 #!/usr/bin/env python3
 """
-Profile Management Utilities for CloudOps Runbooks Platform
+Universal AWS Profile Management for CloudOps Runbooks Platform
 
-This module provides centralized AWS profile management with enterprise-grade
-three-tier priority system extracted from proven FinOps success patterns.
+This module provides truly universal AWS profile management that works with ANY AWS setup:
+- Single account setups
+- Multi-account setups  
+- Any profile naming convention
+- No specific environment variable requirements
 
 Features:
-- Three-tier priority: User > Environment > Default
-- Multi-profile enterprise architecture support
-- Consistent session creation across all modules
-- Rich CLI integration for user feedback
-- Profile validation and error handling
+- Universal compatibility: User --profile → AWS_PROFILE → "default"
+- Works with ANY AWS profile names (not just specific test profiles)
+- No hardcoded environment variable assumptions
+- Simple, reliable profile selection for all users
 
 Author: CloudOps Runbooks Team
-Version: 0.9.0
+Version: 1.0.0 - Universal Compatibility
 """
 
 import os
 import time
-from typing import Dict, Optional
+from typing import Dict, Optional, Union, List, Tuple
 
 import boto3
 
 from runbooks.common.rich_utils import console
 
-# Profile cache to reduce duplicate calls (enterprise performance optimization)
+# Profile cache to reduce duplicate calls (performance optimization)
 _profile_cache = {}
 _cache_timestamp = None
 _cache_ttl = 300  # 5 minutes cache TTL
 
-# Enterprise AWS profile mappings with fallback defaults
-ENV_PROFILE_MAP = {
-    "billing": os.getenv("BILLING_PROFILE"),
-    "management": os.getenv("MANAGEMENT_PROFILE"),
-    "operational": os.getenv("CENTRALISED_OPS_PROFILE"),
-}
 
-# Fallback defaults if environment variables are not set - NO hardcoded defaults
-DEFAULT_PROFILE = os.getenv("AWS_PROFILE") or "default"  # "default" is AWS boto3 expected fallback
-
-
-def get_profile_for_operation(operation_type: str, user_specified_profile: Optional[str] = None) -> str:
+def get_profile_for_operation(operation_type: str, user_specified_profile: Optional[Union[str, Tuple[str, ...], List[str]]] = None) -> str:
     """
-    Get the appropriate AWS profile based on operation type using proven three-tier priority system.
+    Universal AWS profile selection that works with ANY AWS setup.
 
-    PRIORITY ORDER (Enterprise Success Pattern):
+    SIMPLE PRIORITY ORDER (Universal Compatibility):
     1. User-specified profile (--profile parameter) - HIGHEST PRIORITY
-    2. Environment variables for specialized operations - FALLBACK ONLY
-    3. Default profile - LAST RESORT
+    2. AWS_PROFILE environment variable - STANDARD AWS CONVENTION
+    3. "default" profile - AWS STANDARD FALLBACK
 
-    This pattern extracted from FinOps module achieving 99.9996% accuracy and 280% ROI.
+    Works with ANY profile names and ANY AWS setup - no specific environment variable requirements.
 
     Args:
-        operation_type: Type of operation ('billing', 'management', 'operational')
-        user_specified_profile: Profile specified by user via --profile parameter
+        operation_type: Type of operation (informational only, not used for profile selection)
+        user_specified_profile: Profile specified by user via --profile parameter (handles both str and tuple)
 
     Returns:
         str: Profile name to use for the operation
@@ -61,9 +53,16 @@ def get_profile_for_operation(operation_type: str, user_specified_profile: Optio
     Raises:
         SystemExit: If user-specified profile not found in AWS config
     """
+    # SAFETY NET: Handle tuple profiles (Click multiple=True parameter issue)
+    # This prevents errors like: Profile '('profile-name',)' not found
+    if isinstance(user_specified_profile, (tuple, list)) and user_specified_profile:
+        user_specified_profile = user_specified_profile[0]  # Take first profile from tuple/list
+    elif isinstance(user_specified_profile, (tuple, list)) and not user_specified_profile:
+        user_specified_profile = None  # Empty tuple/list becomes None
+        
     global _profile_cache, _cache_timestamp
     
-    # Check cache first to reduce duplicate calls (enterprise performance optimization)
+    # Check cache first to reduce duplicate calls (performance optimization)
     cache_key = f"{operation_type}:{user_specified_profile or 'None'}"
     current_time = time.time()
     
@@ -82,33 +81,26 @@ def get_profile_for_operation(operation_type: str, user_specified_profile: Optio
     # PRIORITY 1: User-specified profile ALWAYS takes precedence
     if user_specified_profile and user_specified_profile != "default":
         if user_specified_profile in available_profiles:
-            console.log(f"[green]Using user-specified profile for {operation_type}: {user_specified_profile}[/]")
+            console.log(f"[green]Using user-specified profile: {user_specified_profile}[/]")
             # Cache the result to reduce duplicate calls
             _profile_cache[cache_key] = user_specified_profile
             return user_specified_profile
         else:
-            console.log(f"[red]Error: User-specified profile '{user_specified_profile}' not found in AWS config[/]")
-            # Don't fall back - user explicitly chose this profile
+            console.log(f"[red]Error: Profile '{user_specified_profile}' not found in AWS config[/]")
+            console.log(f"[yellow]Available profiles: {', '.join(available_profiles)}[/]")
             raise SystemExit(1)
 
-    # PRIORITY 2: Environment variables (only when no user input)
-    profile_map = {
-        "billing": os.getenv("AWS_BILLING_PROFILE") or os.getenv("BILLING_PROFILE"),
-        "management": os.getenv("AWS_MANAGEMENT_PROFILE") or os.getenv("MANAGEMENT_PROFILE"),
-        "operational": os.getenv("AWS_CENTRALISED_OPS_PROFILE") or os.getenv("CENTRALISED_OPS_PROFILE"),
-        "single_account": os.getenv("AWS_SINGLE_ACCOUNT_PROFILE") or os.getenv("SINGLE_AWS_PROFILE"),
-    }
-
-    env_profile = profile_map.get(operation_type)
-    if env_profile and env_profile in available_profiles:
-        console.log(f"[dim cyan]Using {operation_type} profile from environment: {env_profile}[/]")
+    # PRIORITY 2: AWS_PROFILE environment variable (standard AWS convention)
+    aws_profile = os.getenv("AWS_PROFILE")
+    if aws_profile and aws_profile in available_profiles:
+        console.log(f"[dim cyan]Using AWS_PROFILE environment variable: {aws_profile}[/]")
         # Cache the result to reduce duplicate calls
-        _profile_cache[cache_key] = env_profile
-        return env_profile
+        _profile_cache[cache_key] = aws_profile
+        return aws_profile
 
-    # PRIORITY 3: Default profile (last resort)
-    default_profile = user_specified_profile or "default"
-    console.log(f"[yellow]No {operation_type} profile found, using default: {default_profile}[/]")
+    # PRIORITY 3: Default profile (AWS standard fallback)
+    default_profile = "default"
+    console.log(f"[yellow]Using default AWS profile: {default_profile}[/]")
     # Cache the result to reduce duplicate calls
     _profile_cache[cache_key] = default_profile
     return default_profile
@@ -116,11 +108,11 @@ def get_profile_for_operation(operation_type: str, user_specified_profile: Optio
 
 def resolve_profile_for_operation_silent(operation_type: str, user_specified_profile: Optional[str] = None) -> str:
     """
-    Resolve AWS profile for operation type without logging (for display purposes).
-    Uses the same logic as get_profile_for_operation but without console output.
+    Universal AWS profile resolution without logging (for display purposes).
+    Uses the same universal logic as get_profile_for_operation but without console output.
 
     Args:
-        operation_type: Type of operation ('billing', 'management', 'operational')
+        operation_type: Type of operation (informational only, not used for profile selection)
         user_specified_profile: Profile specified by user via --profile parameter
 
     Returns:
@@ -139,78 +131,72 @@ def resolve_profile_for_operation_silent(operation_type: str, user_specified_pro
             # Don't fall back - user explicitly chose this profile
             raise SystemExit(1)
 
-    # PRIORITY 2: Environment variables (only when no user input)
-    profile_map = {
-        "billing": os.getenv("AWS_BILLING_PROFILE") or os.getenv("BILLING_PROFILE"),
-        "management": os.getenv("AWS_MANAGEMENT_PROFILE") or os.getenv("MANAGEMENT_PROFILE"),
-        "operational": os.getenv("AWS_CENTRALISED_OPS_PROFILE") or os.getenv("CENTRALISED_OPS_PROFILE"),
-        "single_account": os.getenv("AWS_SINGLE_ACCOUNT_PROFILE") or os.getenv("SINGLE_AWS_PROFILE"),
-    }
-
-    env_profile = profile_map.get(operation_type)
-    if env_profile and env_profile in available_profiles:
-        return env_profile
+    # PRIORITY 2: AWS_PROFILE environment variable (standard AWS convention)
+    aws_profile = os.getenv("AWS_PROFILE")
+    if aws_profile and aws_profile in available_profiles:
+        return aws_profile
 
-    # PRIORITY 3: Default profile (last resort)
-    return user_specified_profile or "default"
+    # PRIORITY 3: Default profile (AWS standard fallback)
+    return "default"
 
 
 def create_cost_session(profile: Optional[str] = None) -> boto3.Session:
     """
-    Create a boto3 session specifically for cost operations.
-    User-specified profile takes priority over BILLING_PROFILE environment variable.
+    Create a boto3 session for cost operations with universal profile support.
+    Works with ANY AWS profile configuration.
 
     Args:
         profile: User-specified profile (from --profile parameter)
 
     Returns:
-        boto3.Session: Session configured for cost operations
+        boto3.Session: Session configured for AWS operations
     """
-    cost_profile = get_profile_for_operation("billing", profile)
-    return boto3.Session(profile_name=cost_profile)
+    selected_profile = get_profile_for_operation("cost", profile)
+    return boto3.Session(profile_name=selected_profile)
 
 
 def create_management_session(profile: Optional[str] = None) -> boto3.Session:
     """
-    Create a boto3 session specifically for management operations.
-    User-specified profile takes priority over MANAGEMENT_PROFILE environment variable.
+    Create a boto3 session for management operations with universal profile support.
+    Works with ANY AWS profile configuration.
 
     Args:
         profile: User-specified profile (from --profile parameter)
 
     Returns:
-        boto3.Session: Session configured for management operations
+        boto3.Session: Session configured for AWS operations
     """
-    mgmt_profile = get_profile_for_operation("management", profile)
-    return boto3.Session(profile_name=mgmt_profile)
+    selected_profile = get_profile_for_operation("management", profile)
+    return boto3.Session(profile_name=selected_profile)
 
 
 def create_operational_session(profile: Optional[str] = None) -> boto3.Session:
     """
-    Create a boto3 session specifically for operational tasks.
-    User-specified profile takes priority over CENTRALISED_OPS_PROFILE environment variable.
+    Create a boto3 session for operational tasks with universal profile support.
+    Works with ANY AWS profile configuration.
 
     Args:
         profile: User-specified profile (from --profile parameter)
 
     Returns:
-        boto3.Session: Session configured for operational tasks
+        boto3.Session: Session configured for AWS operations
     """
-    ops_profile = get_profile_for_operation("operational", profile)
-    return boto3.Session(profile_name=ops_profile)
+    selected_profile = get_profile_for_operation("operational", profile)
+    return boto3.Session(profile_name=selected_profile)
 
 
-def get_enterprise_profile_mapping() -> Dict[str, Optional[str]]:
+def get_current_profile_info() -> Dict[str, Optional[str]]:
     """
-    Get current enterprise profile mapping from environment variables.
+    Get current AWS profile information using universal approach.
+    Works with ANY AWS setup without hardcoded environment variable assumptions.
 
     Returns:
-        Dict mapping operation types to their environment profile values
+        Dict with current profile information
     """
     return {
-        "billing": os.getenv("BILLING_PROFILE"),
-        "management": os.getenv("MANAGEMENT_PROFILE"),
-        "operational": os.getenv("CENTRALISED_OPS_PROFILE"),
+        "aws_profile": os.getenv("AWS_PROFILE"),
+        "default_profile": "default",
+        "available_profiles": boto3.Session().available_profiles
     }
 
 
@@ -247,10 +233,10 @@ def validate_profile_access(profile_name: str, operation_type: str = "general")
 
 def get_available_profiles_for_validation() -> list:
     """
-    Get available AWS profiles for validation - universal compatibility approach.
+    Get available AWS profiles for validation - truly universal approach.
     
-    Returns all configured AWS profiles for validation without hardcoded assumptions.
-    Supports any AWS setup: single account, multi-account, any profile naming convention.
+    Returns all configured AWS profiles for validation without ANY hardcoded assumptions.
+    Works with any AWS setup: single account, multi-account, any profile naming convention.
     
     Returns:
         list: Available AWS profile names for validation
@@ -259,38 +245,20 @@ def get_available_profiles_for_validation() -> list:
         # Get all available profiles from AWS CLI configuration
         available_profiles = boto3.Session().available_profiles
         
-        # Filter out common system profiles that shouldn't be tested
-        system_profiles = {'default', 'none', 'null', ''}
-        
-        # Return profiles for validation, including default if it's the only one
+        # Start with AWS_PROFILE if set
         validation_profiles = []
+        aws_profile = os.getenv("AWS_PROFILE")
+        if aws_profile and aws_profile in available_profiles:
+            validation_profiles.append(aws_profile)
         
-        # Add environment variable profiles if they exist
-        env_profiles = [
-            os.getenv("AWS_BILLING_PROFILE"),
-            os.getenv("AWS_MANAGEMENT_PROFILE"), 
-            os.getenv("AWS_CENTRALISED_OPS_PROFILE"),
-            os.getenv("AWS_SINGLE_ACCOUNT_PROFILE"),
-            os.getenv("BILLING_PROFILE"),
-            os.getenv("MANAGEMENT_PROFILE"),
-            os.getenv("CENTRALISED_OPS_PROFILE"),
-            os.getenv("SINGLE_AWS_PROFILE"),
-        ]
-        
-        # Add valid environment profiles
-        for profile in env_profiles:
-            if profile and profile in available_profiles and profile not in validation_profiles:
+        # Add all other available profiles (universal approach)
+        for profile in available_profiles:
+            if profile not in validation_profiles:
                 validation_profiles.append(profile)
         
-        # If no environment profiles found, use available profiles (universal approach)
+        # Ensure we have at least one profile to test
         if not validation_profiles:
-            for profile in available_profiles:
-                if profile not in system_profiles:
-                    validation_profiles.append(profile)
-        
-        # Always include 'default' if available and no other profiles found
-        if not validation_profiles and 'default' in available_profiles:
-            validation_profiles.append('default')
+            validation_profiles = ['default']
             
         return validation_profiles
         
@@ -303,10 +271,10 @@ def get_available_profiles_for_validation() -> list:
 __all__ = [
     "get_profile_for_operation",
     "resolve_profile_for_operation_silent",
-    "create_cost_session",
+    "create_cost_session", 
     "create_management_session",
     "create_operational_session",
-    "get_enterprise_profile_mapping",
+    "get_current_profile_info",
     "validate_profile_access",
     "get_available_profiles_for_validation",
 ]

runbooks/common/rich_utils.py

@@ -358,8 +358,8 @@ def create_display_profile_name(profile_name: str, max_length: int = 25, context
     meaningful information for identification. Full names remain available for AWS API calls.
 
     Examples:
-        'ams-admin-Billing-ReadOnlyAccess-909135376185' → 'ams-admin-Billing-9091...'
-        'ams-centralised-ops-ReadOnlyAccess-335083429030' → 'ams-centralised-ops-3350...'
+        'your-admin-Billing-ReadOnlyAccess-123456789012' → 'your-admin-Billing-1234...'
+        'your-centralised-ops-ReadOnlyAccess-987654321098' → 'your-centralised-ops-9876...'
         'short-profile' → 'short-profile' (no truncation needed)
 
     Args:
@@ -398,7 +398,7 @@ def create_display_profile_name(profile_name: str, max_length: int = 25, context
 
         # Strategy 1: Keep meaningful prefix + account ID suffix
         if len(parts) >= 4 and parts[-1].isdigit():
-            # Enterprise pattern: ams-admin-Billing-ReadOnlyAccess-909135376185
+            # Enterprise pattern: your-admin-Billing-ReadOnlyAccess-123456789012
             account_id = parts[-1]
             prefix_parts = parts[:-2]  # Skip permissions part for brevity