Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a first iteration at making the auth and aws base classes more portable and well tested, potentially allowing them to be moved to the SDK or at least directly copied to other taps when needed because this is the second time I've built this:
Opinionated decisions I made (can be changed):
use_aws_env_vars
config is set, avoiding confusing behavior where a mix of explicit and implicit inputs are provided. I've been in the case where boto finds local credentials that I'm not intending to use and it causes weird and potentially bad side affects.use_implicit_credentials
where we dont verify anything and just let boto do its thinguse_aws_env_vars
is set then credentials are pulled from the env and not from the config keys. My opinion is that we should force one or the other and not a mix.aws_assume_role_arn
is provided then the session created gets passed to the assume role method that creates a new one with the assumed roleMisc Stuff: