Add AWS session token support #23
Closed
Commits on Oct 22, 2021
-
-
Make S3 bucket name configurable in tests
This commit will add a pytest fixture to configure the S3 bucket name. A configurable S3 bucket name enables contributors to run tests on their forks and in their AWS accounts, by setting a GitHub Secrets variable `${{ secrets.TEST_AWS_S3_BUCKET_NAME }}`. Defaults to `aioaws-testing`. The function is written with an if expression instead of with `os.getenv('TEST_AWS_S3_BUCKET_NAME', 'aioaws-testing')` because of how the environment variable value is passed in from GitHub Actions. If `${{ secrets.TEST_AWS_S3_BUCKET_NAME }}` is not set, then the value of the environment variable `TEST_AWS_S3_BUCKET_NAME` will be an empty string, and `os.getenv('TEST_AWS_S3_BUCKET_NAME', 'aioaws-testing')` will return an empty string.
Commits on Oct 24, 2021
-
Make SES email address configurable in tests
As with the S3 bucket name, enabling configuration of the email address allowscontributors to run tests on their forks and in their AWS accounts by setting `${{ secrets.TEST_AWS_SES_ADDRESS }}` in GitHub Secrets. Defaults to `testing@scolvin.com`.
Commits on Oct 25, 2021
-
This is a "resource-based policy" that allows an IAM role to be assumed. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html
-
Assume IAM role for testing with GitHub Actions
- Use aws-actions/configure-aws-credentials to obtain temporary security credentials - Pass both the static and temporary credentials to pytest
-
Parametrize AWS credentials with pytest
Parametrize the pytest fixture so that it is generated for each item in params, and each test that uses the fixture runs for each param https://docs.pytest.org/en/latest/how-to/fixtures.html
Commits on Oct 30, 2021
-
Session tokens are used when AWS resources obtain temporary credentials. - Add `aws_session_token: str` model fields - `aioaws._types.S3ConfigProtocol` - `aioaws.s3.S3Config` - Add `aioaws.core.AwsClient.aws_session_token` attribute - Update `aioaws.core.AwsClient._auth_headers` to add session token into signature - For S3 downloads, add `X-Amz-Security-Token` param to `aioaws.core.AwsClient.add_signed_download_params` - For S3 uploads, allow `X-Amz-Security-Token` as an extra condition in `aioaws.core.AwsClient.upload_extra_conditions`, then add to upload signature using `aioaws.core.AwsClient.signed_upload_fields`
-
Commits on Jan 22, 2022
-
-
-
Revert "Remove empty mapping from
pull_requesttrigger"This reverts commit 4f0142d.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.