AWS Interface

The CloudWanderer AWS Interface.

class AWSResourceTypeFilter(service, resource_type, botocore_filters=None, jmespath_filters=None)

AWS Specific resource type filter.

Allows specification of either botocore filters or jmespath filters.

Parameters

• service (str) –

• resource_type (str) –

• botocore_filters (Dict[str, Any]) –

• jmespath_filters (List[str]) –

Return type

None

class CloudWandererAWSInterface(cloudwanderer_boto3_session=None)

Simplifies lookup of Boto3 services and resources.

Parameters

cloudwanderer_boto3_session (Optional[cloudwanderer.aws_interface.session.CloudWandererBoto3Session]) –

Return type

None

__init__(cloudwanderer_boto3_session=None)

Simplifies lookup of Boto3 services and resources.

Parameters

cloudwanderer_boto3_session (Optional[cloudwanderer.aws_interface.session.CloudWandererBoto3Session]) – A CloudWandererBoto3Session session, if not provided the default will be used.

Return type

None

get_account_id()

Return the ID of the account we’re getting resources from.

Return type

str

get_enabled_regions()

Return the list of regions enabled.

Fulfils the interface requirements for cloudwanderer.cloud_wanderer.CloudWanderer to call.

Return type

List[str]

get_resource(urn, service_resource_type_filters=None, include_dependent_resources=True, client_args=None)

Yield the resource picked out by this URN and optionally its subresources.

Parameters

• urn (URN) – The urn of the resource to get.

• service_resource_type_filters (Optional[List[cloudwanderer.base.ServiceResourceTypeFilter]]) – A AWSResourceTypeFilter list to filter resources.

• include_dependent_resources (bool) – Whether or not to additionally yield the dependent_resources of the resource.

• client_args (Optional[Dict[str, Any]]) – Additional keyword arguments will be passed down to the Boto3 client.

Raises

• UnsupportedResourceTypeError – Occurs when we try to get an unsupported resource type.

• botocore.exceptions.ClientError – Raises from Boto3 client.

Return type

Iterator[cloudwanderer.cloud_wanderer_resource.CloudWandererResource]

get_resource_discovery_actions(regions=None, service_resource_types=None)

Return the ActionSets required to discover resources according to the params.

Parameters

• regions (Optional[List[str]]) – List of regions to discover resources in

• service_resource_types (Optional[List[cloudwanderer.models.ServiceResourceType]]) – List of service resource types to discover

Return type

List[cloudwanderer.models.ActionSet]

get_resources(service_name, resource_type, region, service_resource_type_filters=None, client_args=None)

Return all resources of resource_type from Boto3.

Parameters

• service_name (str) – The name of the service to get resource for (e.g. 'ec2')

• resource_type (str) – The type of resource to get resources of (e.g. 'instance')

• region (str) – The region to get resources of (e.g. 'eu-west-1')

• service_resource_type_filters (Optional[List[cloudwanderer.base.ServiceResourceTypeFilter]]) – A AWSResourceTypeFilter list to filter resources.

• client_args (Optional[Dict[str, Any]]) – Additional keyword arguments will be passed down to the Boto3 client.

Raises

botocore.exceptions.ClientError – Occurs if the Boto3 Client Errors.

Return type

Iterator[cloudwanderer.cloud_wanderer_resource.CloudWandererResource]

class CloudWandererBoto3ClientConfig(**kwargs)

Allows the specification of internal getter client config.

Example

Configure the sts client (used in CloudWandererBoto3Session.get_account_id) to use a regional endpoint url.

>>> from cloudwanderer.aws_interface import (
...     CloudWandererBoto3ClientConfig,
...     CloudWandererBoto3Session
... )
>>> getter_client_config = CloudWandererBoto3ClientConfig(
...     sts={"endpoint_url": "https://sts.eu-west-1.amazonaws.com"}
... )
>>> cloudwanderer_boto3_session = CloudWandererBoto3Session(getter_client_config=getter_client_config)

Parameters

kwargs (Dict[str, Dict[str, Any]]) –

Return type

None

class CloudWandererBoto3Session(aws_access_key_id=None, aws_secret_access_key=None, aws_session_token=None, region_name=None, botocore_session=None, profile_name=None, resource_factory=None, service_mapping_loader=None, getter_client_config=None, account_id=None, enabled_regions=None)

Subclass of Boto3 Session class to provide additional helper methods.

Parameters

• service_mapping_loader (botocore.loaders.Loader) –

• getter_client_config (Optional[cloudwanderer.aws_interface.session.CloudWandererBoto3ClientConfig]) –

• account_id (Optional[str]) –

• enabled_regions (Optional[List[str]]) –

Return type

None

__init__(aws_access_key_id=None, aws_secret_access_key=None, aws_session_token=None, region_name=None, botocore_session=None, profile_name=None, resource_factory=None, service_mapping_loader=None, getter_client_config=None, account_id=None, enabled_regions=None)

Subclass of Boto3 Session class to provide additional helper methods.

You will need to interact with this class to provide any credentials that cannot be found in the normal Boto3 credentials locations (env vars, default profile, etc.)

You can also use it to supply a custom resource factory if you want to test or use your own resource definitions.

Parameters

• aws_access_key_id – AWS access key ID

• aws_secret_access_key – AWS secret access key

• aws_session_token – AWS temporary session token

• region_name – Default region when creating new connections

• botocore_session – Use this Botocore session instead of creating a new default one.

• profile_name – The name of a profile to use. If not given, then the default profile is used.

• resource_factory – Supply a custom resource factory, useful if you want to test/use your own resource definitions.

• service_mapping_loader (Optional[botocore.loaders.Loader]) – Supply a custom service mapping loader, useful if you want to test/use your own resource definitions.

• getter_client_config (Optional[cloudwanderer.aws_interface.session.CloudWandererBoto3ClientConfig]) – Supply boto3 client config for CloudWandererBoto3Session.get_account_id() and CloudWandererBoto3Session.get_enabled_regions() .

• account_id (Optional[str]) – The AWS account ID we’re fetching resources from. This will be fetched automatically via API call if not supplied.

• enabled_regions (Optional[List[str]]) – The list of regions enabled in this AWS account. This will be fetched automatically via API call if not supplied.

Return type

None

get_account_id()

Return the AWS Account ID our Boto3 session is authenticated against.

Return type

str

get_enabled_regions()

Return a list of enabled regions in this account.

Return type

List[str]

resource(service_name, region_name=None, api_version=None, use_ssl=True, verify=None, endpoint_url=None, aws_access_key_id=None, aws_secret_access_key=None, aws_session_token=None, config=None)

Create a resource service client by name.

Parameters

• service_name (string) – The name of a service, e.g. ‘s3’ or ‘ec2’. You can get a list of available services via get_available_resources().

• region_name (string) – The name of the region associated with the client. A client is associated with a single region.

• api_version (string) – The API version to use. By default, botocore will use the latest API version when creating a client. You only need to specify this parameter if you want to use a previous API version of the client.

• use_ssl (boolean) – Whether or not to use SSL. By default, SSL is used. Note that not all services support non-ssl connections.

• verify (boolean/string) –

  Whether or not to verify SSL certificates. By default SSL certificates are verified. You can provide the following values:

  • False - do not validate SSL certificates. SSL will still be used (unless use_ssl is False), but SSL certificates will not be verified.

  • path/to/cert/bundle.pem - A filename of the CA cert bundle to uses. You can specify this argument if you want to use a different CA cert bundle than the one used by botocore.

• endpoint_url (string) – The complete URL to use for the constructed client. Normally, botocore will automatically construct the appropriate URL to use when communicating with a service. You can specify a complete URL (including the “http/https” scheme) to override this behavior. If this value is provided, then use_ssl is ignored.

• aws_access_key_id (string) – The access key to use when creating the client. This is entirely optional, and if not provided, the credentials configured for the session will automatically be used. You only need to provide this argument if you want to override the credentials used for this specific client.

• aws_secret_access_key (string) – The secret key to use when creating the client. Same semantics as aws_access_key_id above.

• aws_session_token (string) – The session token to use when creating the client. Same semantics as aws_access_key_id above.

• config (botocore.client.Config) – Advanced client configuration options. If region_name is specified in the client config, its value will take precedence over environment variables and configuration values, but not over a region_name value passed explicitly to the method. If user_agent_extra is specified in the client config, it overrides the default user_agent_extra provided by the resource API. See botocore config documentation for more details.

Returns

Subclass of ServiceResource

Return type

CloudWandererServiceResource