Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Switching remaining uses of boto to boto3. (#809)

This commit is contained in:
kevgliss 2017-05-20 11:09:55 -07:00 committed by GitHub
parent 9594f2cd8d
commit 4093f4669a
4 changed files with 40 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
lemur/plugins/lemur_aws/s3.py
View File

@ -6,21 +6,29 @@
:license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
from boto.s3.key import Key
from lemur.plugins.lemur_aws.sts import assume_service
from flask import current_app
from .sts import sts_client
def write_to_s3(account_number, bucket_name, key, data, encrypt=True):
@sts_client('s3', 'resource')
def write_to_s3(resource, bucket_name, prefix, data, encrypt=True):
"""
Use STS to write to an S3 bucket
:param account_number:
:param bucket_name:
:param data:
"""
conn = assume_service(account_number, 's3')
b = conn.get_bucket(bucket_name, validate=False) # validate=False removes need for ListObjects permission
bucket = resource.Bucket(bucket_name)
current_app.logger.debug('Persisting data to S3. Bucket: {0} Prefix: {1}'.format(bucket_name, prefix))
k = Key(bucket=b, name=key)
k.set_contents_from_string(data, encrypt_key=encrypt)
k.set_canned_acl("bucket-owner-read")
if encrypt:
bucket.put_object(
Key=prefix,
Body=data.encode('utf-8'),
ACL='bucket-owner-full-control',
ServerSideEncryption='AES256'
)
else:
bucket.put_object(
Key=prefix,
Body=data.encode('utf-8'),
ACL='bucket-owner-full-control'
)

35
lemur/plugins/lemur_aws/sts.py
View File

@ -7,46 +7,11 @@
"""
from functools import wraps
import boto
import boto.ec2.elb
import boto3
from flask import current_app
def assume_service(account_number, service, region='us-east-1'):
conn = boto.connect_sts()
role = conn.assume_role('arn:aws:iam::{0}:role/{1}'.format(
account_number, current_app.config.get('LEMUR_INSTANCE_PROFILE', 'Lemur')), 'blah')
if service in 'iam':
return boto.connect_iam(
aws_access_key_id=role.credentials.access_key,
aws_secret_access_key=role.credentials.secret_key,
security_token=role.credentials.session_token)
elif service in 'elb':
return boto.ec2.elb.connect_to_region(
region,
aws_access_key_id=role.credentials.access_key,
aws_secret_access_key=role.credentials.secret_key,
security_token=role.credentials.session_token)
elif service in 'vpc':
return boto.connect_vpc(
aws_access_key_id=role.credentials.access_key,
aws_secret_access_key=role.credentials.secret_key,
security_token=role.credentials.session_token)
elif service in 's3':
return boto.s3.connect_to_region(
region,
aws_access_key_id=role.credentials.access_key,
aws_secret_access_key=role.credentials.secret_key,
security_token=role.credentials.session_token)
def sts_client(service, service_type='client'):
def decorator(f):
@wraps(f)

23
lemur/plugins/lemur_email/plugin.py
View File

@ -6,7 +6,7 @@
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
import boto.ses
import boto3
from flask import current_app
from flask_mail import Message
@ -54,8 +54,25 @@ def send_via_ses(subject, body, targets):
:param targets:
:return:
"""
conn = boto.connect_ses()
conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, targets, format='html')
client = boto3.client('ses')
client.send_email(
Source=current_app.config.get('LEMUR_EMAIL'),
Destination={
'ToAddresses': targets
},
Message={
'Subject': {
'Data': subject,
'Charset': 'string'
},
'Body': {
'Html': {
'Data': body,
'Charset': 'string'
}
}
}
)
class EmailNotificationPlugin(ExpirationNotificationPlugin):

1
setup.py
View File

@ -58,7 +58,6 @@ install_requires = [
'inflection==0.3.1',
'future==0.16.0',
'boto3==1.4.4',
'boto==2.45.0', # we might make this optional
'acme==0.14.1',
'retrying==1.3.3',
'tabulate==0.7.7',