Python boto3.resource() Examples

def __init__(self, aws_access_key_id, aws_secret_access_key,
                 aws_region, in_queue=None, out_queue=None):
        """Set up SQS connections.

        :param aws_access_key_id: AWS access key ID.
        :param aws_secret_access_key: AWS secret access key.
        :param aws_region: AWS region string.
        :param in_queue: Optional input queue name.
        :param out_queue: Optional output queue name.
        """
        self.in_queue = None
        self.out_queue = None

        if in_queue:
            resource = boto3.resource('sqs', region_name=aws_region,
                                      aws_access_key_id=aws_access_key_id,
                                      aws_secret_access_key=aws_secret_access_key)
            self.in_queue = resource.get_queue_by_name(QueueName=in_queue)

        if out_queue:
            client = boto3.client('sqs', region_name=aws_region,
                                  aws_access_key_id=aws_access_key_id,
                                  aws_secret_access_key=aws_secret_access_key)
            self.out_queue = client.get_queue_url(QueueName=out_queue)['QueueUrl'] 

def _delete_request(self):
        """
        Handles delete request from cloudformation custom resource
        :return: 
        """

        try:
            self.delete_templates()
            self.delete_external_task_config_stacks()
            if allow_send_metrics():
                self._send_delete_metrics()
            return True

        except Exception as ex:
            self.response["Reason"] = str(ex)
            return False 

def _create_request(self):
        """
        Handles create request from cloudformation custom resource
        :return: 
        """

        try:
            self._setup()
            self.physical_resource_id = self.__class__.__name__.lower()
            if allow_send_metrics():
                self._send_create_metrics()
            return True

        except Exception as ex:
            self.response["Reason"] = str(ex)
            return False 

def handle_request(self):
        """
        Handles the custom resource request from cloudformation
        :return: 
        """

        start = datetime.now()

        self._logger.info("Cloudformation request is {}", safe_json(self._event, indent=2))

        try:
            result = CustomResource.handle_request(self)

            return safe_dict({
                "result": result,
                "datetime": datetime.now().isoformat(),
                "running-time": (datetime.now() - start).total_seconds()
            })
        except Exception as ex:
            self._logger.error(ERR_HANDLING_SETUP_REQUEST, ex, full_stack())
            raise ex

        finally:
            self._logger.flush() 

def delete_ami(ami_id):
    ensure_ami_exists(ami_id)

    print('Deleting ami: {ami_id}'.format(ami_id=ami_id))
    ec2 = boto3.resource('ec2')
    image = ec2.Image(ami_id)

    # retrieve the mappings before deregistering the image
    mappings = image.block_device_mappings
    print('Got these mappings: {mappings}'.format(mappings=mappings))

    # first we deregister the image
    image.deregister()
    print('Image {ami_id} deregistered'.format(ami_id=ami_id))

    snapshot_ids = [block_device_mapping['Ebs']['SnapshotId'] for block_device_mapping in mappings]
    print('Got snapshots {snapshot_ids}'.format(snapshot_ids=snapshot_ids))
    for snapshot_id in snapshot_ids:
        ec2.Snapshot(snapshot_id).delete()
    print('Deleted snaphots: {snapshot_ids}'.format(snapshot_ids=snapshot_ids)) 

def updateVersions(region="us-east-1", table="credential-store"):
    '''
    do a full-table scan of the credential-store,
    and update the version format of every credential if it is an integer
    '''
    dynamodb = boto3.resource('dynamodb', region_name=region)
    secrets = dynamodb.Table(table)

    response = secrets.scan(ProjectionExpression="#N, version, #K, contents, hmac",
                            ExpressionAttributeNames={"#N": "name", "#K": "key"})

    items = response["Items"]

    for old_item in items:
        if isInt(old_item['version']):
            new_item = copy.copy(old_item)
            new_item['version'] = credstash.paddedInt(new_item['version'])
            if new_item['version'] != old_item['version']:
                secrets.put_item(Item=new_item)
                secrets.delete_item(Key={'name': old_item['name'], 'version': old_item['version']})
        else:
            print "Skipping item: %s, %s" % (old_item['name'], old_item['version']) 

def assert_alarm(self, name, pattern, remediate=False):
        logs = clients.logs
        sns = resources.sns
        alarm_ok = False
        for trail in self.trails:
            log_group_name = ARN(trail["CloudWatchLogsLogGroupArn"]).resource.split(":")[1]
            for metric_filter in logs.describe_metric_filters(logGroupName=log_group_name)["metricFilters"]:
                if metric_filter["filterPattern"] == pattern:
                    for alarm in self.alarms:
                        try:
                            self.assertEqual(alarm.metric_name, metric_filter["metricTransformations"][0]["metricName"])
                            self.assertGreater(len(list(sns.Topic(alarm.alarm_actions[0]).subscriptions.all())), 0)
                            alarm_ok = True
                        except Exception:
                            pass
        if remediate and not alarm_ok:
            self.ensure_alarm(name=name,
                              pattern=pattern,
                              log_group_name=log_group_name)
            alarm_ok = True
        self.assertTrue(alarm_ok) 

def load_configurations(bucket_name, key_name):
    logging.getLogger().debug('[load_configurations] Start')

    try:
        s3 = boto3.resource('s3')
        file_obj = s3.Object(bucket_name, key_name)
        file_content = file_obj.get()['Body'].read()

        global config
        config = json.loads(file_content)

    except Exception as e:
        logging.getLogger().error("[load_configurations] \tError to read config file")
        raise e

    logging.getLogger().debug('[load_configurations] End') 

def _delete_lambda_role(self, name):
        iam = boto3.resource('iam')

        role_name = self._role_name(name)
        policy_name = self._policy_name(name)

        role_policy = iam.RolePolicy(role_name, policy_name)
        role = iam.Role(self._role_name(name))

        # HACK: This 'if thing in things.all()' biz seems like
        # a very inefficient way to check for resource
        # existence...
        if role_policy in role.policies.all():
            role_policy.delete()

        if role in iam.roles.all():
            role.delete() 

def save_directory(self, source_dir, target_name):
        import boto3

        # Stolen from:
        # https://github.com/boto/boto3/issues/358#issuecomment-346093506
        target_name = target_name or os.path.basename(source_dir)
        all_files = []
        for root, dirs, files in os.walk(source_dir):
            all_files += [os.path.join(root, f) for f in files]
        s3_resource = boto3.resource("s3")

        for filename in all_files:
            file_location = s3_join(
                self.dir, target_name, os.path.relpath(filename, source_dir)
            )
            s3_resource.Object(self.bucket, file_location).put(
                Body=open(filename, "rb")
            ) 

def audit_2_3(self):
        """2.3 Ensure the S3 bucket CloudTrail logs to is not publicly accessible (Scored)"""
        raise NotImplementedError()
        import boto3
        s3 = boto3.session.Session(region_name="us-east-1").resource("s3")
        # s3 = boto3.resource("s3")
        # for trail in self.trails:
        #    for grant in s3.Bucket(trail["S3BucketName"]).Acl().grants:
        #    print(s3.Bucket(trail["S3BucketName"]).Policy().policy)
        for bucket in s3.buckets.all():
            print(bucket)
            try:
                print("    Policy:", bucket.Policy().policy)
            except Exception:
                pass
            for grant in bucket.Acl().grants:
                try:
                    print("    Grant:", grant)
                except Exception:
                    pass 

def updateDynamo(fileUUID):
    print("Update the dynamodb table")
    dynamodb = boto3.resource('dynamodb', region_name='us-east-1')
    table = dynamodb.Table('subtitles')

    table.update_item(
        ExpressionAttributeNames={"#S": 'State'},
        ExpressionAttributeValues={':s': 'TRANSLATED'},
        Key={'Id': fileUUID},
        TableName='subtitles',
        UpdateExpression='SET #S = :s'
    ) 

def _assert_s3_file_exists(region, s3_url):
    parsed_url = urlparse(s3_url)
    s3 = boto3.resource('s3', region_name=region)
    s3.Object(parsed_url.netloc, parsed_url.path.lstrip('/')).load() 

def __init__(self, name, aws_access_key_id, aws_secret_access_key,
            aws_region, queue_name, paths, reference=None):
        """SQS source."""
        super(Plugin, self).__init__(name, paths, reference)
        self.sqs = boto3.resource('sqs', region_name=aws_region, aws_access_key_id=aws_access_key_id, aws_secret_access_key=aws_secret_access_key)
        self.queue = self.sqs.get_queue_by_name(QueueName=queue_name) 

def __init__(self,**kwargs):
        #
        session_kwargs = {k: v for k, v in kwargs.items() if k in
                          self.session_kwargs}
        if len(session_kwargs.keys()) > 0:
            boto3.Session(**session_kwargs)

        self._db = boto3.resource('s3')
        self.bucket = kwargs['bucket']
        self._indexer = self._db.Bucket(self.bucket)

    #CRUD Operation Methods 

def get_s3_files() -> Iterable[str]:
    s3 = boto3.resource("s3")
    adv_policies_bucket = s3.Bucket(BUCKET_NAME)
    objs = adv_policies_bucket.objects.filter(Prefix=PREFIX).all()
    return [os.path.basename(o.key) for o in objs] 

def s3_etag(url, proxies=None):
    """Check ETag on S3 object."""
    s3_resource = boto3.resource("s3", config=Config(proxies=proxies))
    bucket_name, s3_path = split_s3_path(url)
    s3_object = s3_resource.Object(bucket_name, s3_path)
    return s3_object.e_tag 

def s3_get(url, temp_file, proxies=None):
    """Pull a file directly from S3."""
    s3_resource = boto3.resource("s3", config=Config(proxies=proxies))
    bucket_name, s3_path = split_s3_path(url)
    s3_resource.Bucket(bucket_name).download_fileobj(s3_path, temp_file) 

def handler(event, context):

    transcribe = boto3.client('transcribe')
    dynamodb = boto3.resource('dynamodb', region_name='us-east-1')
    table = dynamodb.Table('subtitles')

    bucket = event.get("bucket")
    fileUUID = event.get("fileUUID")
    mediaFileUri = bucket + "/2-transcoded/" + fileUUID + ".mp3"

    print("Start the transcription job : " + mediaFileUri)
    transcribe.start_transcription_job(
        TranscriptionJobName=fileUUID,
        LanguageCode='en-US',
        MediaFormat='mp3',
        Media={'MediaFileUri': "https://s3.amazonaws.com/" + mediaFileUri}
    )

    print("Update the state")
    table.update_item(
        ExpressionAttributeNames={'#S': 'State'},
        ExpressionAttributeValues={':s': 'TRANSCRIBING'},
        Key={'Id': fileUUID},
        TableName='subtitles',
        UpdateExpression='SET #S = :s'
    )

    return event 

def get_signed_url(expires_in, bucket, obj):
    """
    Generate a signed URL for an object in S3 so it can be accessed as an HTTP resource
    :param expires_in:  URL Expiration time in seconds
    :param bucket:
    :param obj:         S3 Key name
    :return:            Signed URL
    """
    s3_cli = boto3.client("s3")
    presigned_url = s3_cli.generate_presigned_url('get_object', Params={'Bucket': bucket, 'Key': obj},
                                                  ExpiresIn=expires_in)
    return presigned_url 

def __init__(self, bucket, namespace):
        self.s3 = boto3.resource('s3')
        self.bucket = bucket
        self.namespace = namespace 

def __init__(self, target_dynamo_table, region='eu-west-1'):
        self.dynamodb = resource(service_name='dynamodb', region_name=region)
        self.target_dynamo_table = target_dynamo_table
        self.table = self.dynamodb.Table(self.target_dynamo_table) 

def __init__(self, target_dynamo_table, region='eu-west-1'):
        self.dynamodb = resource(service_name='dynamodb', region_name=region)
        self.dynamo_table = target_dynamo_table
        self.table = self.dynamodb.Table(self.dynamo_table) 

def __init__(self, target_dynamo_table, region='eu-west-1'):
        self.dynamodb = resource(service_name='dynamodb', region_name=region)
        self.target_dynamo_table = target_dynamo_table
        self.table = self.dynamodb.Table(self.target_dynamo_table) 

def __init__(self, table_name):
        self.dynamo_client = resource(service_name='dynamodb',
                                      region_name='eu-west-1')
        self.table_name = table_name
        self.db_table = self.dynamo_client.Table(table_name) 

def __init__(self, target_dynamo_table, region='eu-west-1'):
        self.dynamodb = resource(service_name='dynamodb', region_name=region)
        self.target_dynamo_table = target_dynamo_table
        self.table = self.dynamodb.Table(self.target_dynamo_table) 

def __init__(self, target_dynamo_table, region='eu-west-1'):
        self.dynamodb = resource(service_name='dynamodb', region_name=region)
        self.target_dynamo_table = target_dynamo_table
        self.table = self.dynamodb.Table(self.target_dynamo_table) 

def __init__(self, table_name):
        self.dynamo_client = resource(service_name='dynamodb',
                                      region_name='eu-west-1')
        self.table_name = table_name
        self.db_table = self.dynamo_client.Table(table_name) 

def __init__(self, target_dynamo_table, region='eu-west-1'):
        self.dynamodb = resource(service_name='dynamodb', region_name=region)
        self.target_dynamo_table = target_dynamo_table
        self.table = self.dynamodb.Table(self.target_dynamo_table) 

def __init__(self):
        self._client = boto3.client("iam")
        self._resource = boto3.resource("iam")