Add support for alternate AWS auth options (#77) #87

imnotbrandon · 2022-08-10T10:50:26Z

Resolves #77.

If --aws-access-key-id and --aws-access-key-secret are not provided on the command-line, it allows boto3 to source the credentials itself.

This also enhances the argument parsing by allowing providers to decide whether options are required or not. Options are required by default, but can be made non-required by giving them a default value in the function signature:

def fetch_domains(aws_access_key_id=None, aws_access_key_secret=None, **args):

SimonGurney · 2022-08-10T13:48:14Z

Thanks for doing the proper fix here, rather than a temp solution.

I think we need to validate in the provider that either both are none, or both are provided. A condition with just one is problematic.

imnotbrandon · 2022-08-10T14:08:36Z

Thanks for doing the proper fix here, rather than a temp solution.

I think we need to validate in the provider that either both are none, or both are provided. A condition with just one is problematic.

Surprisingly it was the path of least resistance!
Agreed... having a validation framework is useful in general (eg. ensuring params are in the correct format)

SimonGurney · 2022-08-10T14:24:21Z

I think we should also have an indicator on the help as to whether the parameter is mandatory or not. In this case they would be optional, and other providers they would be mandatory.

This then paves the way for us to add params for selecting a single zone id in aws or cloudflare.

imnotbrandon · 2022-08-10T14:33:44Z

I've put in some basic validation for now. I think that implementing full-blown validation framework is out of the scope of this feature request as other providers will need to be modified.