Source code for runhouse.resources.secrets.provider_secrets.aws_secret

import configparser
import copy
import io
import os
from pathlib import Path

from typing import Dict, Union

from runhouse.resources.blobs.file import File
from runhouse.resources.secrets.provider_secrets.provider_secret import ProviderSecret
from runhouse.resources.secrets.utils import _check_file_for_mismatches

[docs]class AWSSecret(ProviderSecret): """ .. note:: To create an AWSSecret, please use the factory method :func:`provider_secret` with ``provider="aws"``. """ _PROVIDER = "aws" _DEFAULT_CREDENTIALS_PATH = "~/.aws/credentials" _DEFAULT_ENV_VARS = { "access_key": "AWS_ACCESS_KEY_ID", "secret_key": "AWS_SECRET_ACCESS_KEY", } @staticmethod def from_config(config: dict, dryrun: bool = False, _resolve_children: bool = True): return AWSSecret(**config, dryrun=dryrun) def _write_to_file( self, path: Union[str, File], values: Dict, overwrite: bool = False ): new_secret = copy.deepcopy(self) if not _check_file_for_mismatches( path, self._from_path(path), values, overwrite ): parser = configparser.ConfigParser() section_name = "default" parser.add_section(section_name) parser.set( section=section_name, option="aws_access_key_id", value=values["access_key"], ) parser.set( section=section_name, option="aws_secret_access_key", value=values["secret_key"], ) if isinstance(path, File): # TODO: may be a better way of getting config parser data? with io.StringIO() as ss: parser.write(ss) data = path.write(data, serialize=False, mode="w") else: full_path = os.path.expanduser(path) Path(full_path).parent.mkdir(parents=True, exist_ok=True) with open(full_path, "w+") as f: parser.write(f) new_secret._add_to_rh_config(path) new_secret._values = None new_secret.path = path return new_secret def _from_path(self, path: Union[str, File]): config = configparser.ConfigParser() if isinstance(path, File): if not path.exists_in_system(): return {} config.read_string(path.fetch(deserialize=False, mode="r")) elif path and os.path.exists(os.path.expanduser(path)): else: return {} section_name = "default" access_key = config[section_name]["aws_access_key_id"] secret_key = config[section_name]["aws_secret_access_key"] return { "access_key": access_key, "secret_key": secret_key, }