From 5ca4816c5e62216d26b4b1a59f3a149101b1107a Mon Sep 17 00:00:00 2001 From: Mark Nunnikhoven Date: Sun, 20 Mar 2016 16:26:45 -0400 Subject: [PATCH] Script now reads default region from AWS CLI unless overridden by argument --aws-region. Closes issue #6 --- lib/core.py | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/lib/core.py b/lib/core.py index a67ad75..41a07c4 100644 --- a/lib/core.py +++ b/lib/core.py @@ -147,6 +147,22 @@ def _get_aws_credentials(self): return credentials + def _get_aws_region_from_config(self): + """ + Get the default region from a pre-configured AWS CLI installation + """ + region = None + aws_config_path = [ '{}/.aws/config'.format(os.environ['HOME']), "{}\.aws\config".format(os.environ['HOME']) ] + for path in aws_config_path: + if os.path.exists(path): + self._log("Reading AWS config from {}".format(path)) + with open(path) as fh: + for line in fh: + if line.startswith('region'): + region = line.split('=')[-1].strip() + + return region + def _connect_to_deep_security(self): dsm = None if self.args.ignore_ssl_validation: @@ -185,8 +201,12 @@ def _connect_to_aws_service(self, service_name): (shared by the AWS CLI) or an instance role """ service = None + + region = self.args.aws_region # prefer explicit region vs. CLI config + if not region: region = self._get_aws_region_from_config() + try: - aws = boto3.session.Session(aws_access_key_id=self.aws_credentials['aws_access_key_id'], aws_secret_access_key=self.aws_credentials['aws_secret_access_key'], region_name=self.args.aws_region) + aws = boto3.session.Session(aws_access_key_id=self.aws_credentials['aws_access_key_id'], aws_secret_access_key=self.aws_credentials['aws_secret_access_key'], region_name=region) service = aws.client(service_name) self._log("Connected to AWS {}".format(service_name)) except Exception, err: