UsageΒΆ
To develop on awsauthenticationlib:
# The following commands require pipenv as a dependency
# To lint the project
_CI/scripts/lint.py
# To execute the testing
_CI/scripts/test.py
# To create a graph of the package and dependency tree
_CI/scripts/graph.py
# To build a package of the project under the directory "dist/"
_CI/scripts/build.py
# To see the package version
_CI/scripts/tag.py
# To bump semantic versioning [--major|--minor|--patch]
_CI/scripts/tag.py --major|--minor|--patch
# To upload the project to a pypi repo if user and password are properly provided
_CI/scripts/upload.py
# To build the documentation of the project
_CI/scripts/document.py
To use awsauthenticationlib in a project:
from awsauthenticationlib import AwsAuthenticator
awsauth = AwsAuthenticator('arn:aws:iam::ACCOUNTID:role/SomeRoleWithAdminRights')
awsauth.get_signed_url()
>>> 'https://signin.aws.amazon.com/federation?Action=login&Issuer=Example.com&Destination=https%3A%2F%2Fconsole.aws.amazon.com&SigninToken=real_long_valid_token_here'
awsauth.get_control_tower_authenticated_session()
>>> <requests.sessions.Session object at 0xaddress>
awsauth.get_sso_authenticated_session()
>>> <requests.sessions.Session object at 0xaddress>
awsauth=AwsAuthenticator('arn:aws:iam::ACCOUNTID:role/NoRightsOrWrongRole')
>>> awsauthenticationlib.awsauthenticationlibexceptions.InvalidCredentials: An error occurred (AccessDenied) when calling the AssumeRole operation: User: arn:aws:sts::ACCOUNTID:assumed-role/AWSReservedSSO_AWSAdministratorAccess_abcdefghij1234/someone@domain.com is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::ACCOUNTID:role/NoRightsOrWrongRole
awsauth.assumed_role_credentials
>>> {'aws_access_key_id': 'VALIDACCESSKEY', 'aws_secret_access_key': 'VALIDSECRETKEY', 'aws_session_token': 'VALIDSESSIONTOKEN'}
awsauth.session_credentials
>>> {'sessionId': 'VALIDSESSIONID', 'sessionKey': 'VALIDSESSIONKET', 'sessionToken': 'VALIDSESSIONTOKEN'}