Skip to content

Commit 26c0369

Browse files
Peter-ShPeter-Sh
committed
Add profile base auth for AWS
1 parent c01ccdf commit 26c0369

File tree

1 file changed

+32
-34
lines changed

1 file changed

+32
-34
lines changed

src/redis_release/state_manager.py

Lines changed: 32 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -22,19 +22,22 @@ def __init__(
2222
bucket_name: Optional[str] = None,
2323
dry_run: bool = False,
2424
aws_region: str = "us-east-1",
25+
aws_profile: Optional[str] = None,
2526
):
2627
"""Initialize state manager.
2728
2829
Args:
2930
bucket_name: S3 bucket name for state storage
3031
dry_run: If True, simulate operations without making real S3 calls
3132
aws_region: AWS region for S3 bucket
33+
aws_profile: AWS profile name to use for authentication
3234
"""
3335
self.bucket_name = bucket_name or os.getenv(
3436
"REDIS_RELEASE_STATE_BUCKET", "redis-release-state"
3537
)
3638
self.dry_run = dry_run
3739
self.aws_region = aws_region
40+
self.aws_profile = aws_profile or os.getenv("AWS_PROFILE")
3841
self._s3_client = None
3942

4043
# AWS credentials from environment variables only
@@ -50,46 +53,41 @@ def s3_client(self):
5053
"""Lazy initialization of S3 client."""
5154
if self._s3_client is None and not self.dry_run:
5255
try:
53-
if not self.aws_access_key_id or not self.aws_secret_access_key:
54-
console.print("[red]AWS credentials not found[/red]")
55-
console.print(
56-
"[yellow]Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables[/yellow]"
56+
# Try profile-based authentication first
57+
if self.aws_profile:
58+
console.print(f"[blue]Using AWS profile: {self.aws_profile}[/blue]")
59+
session = boto3.Session(profile_name=self.aws_profile)
60+
self._s3_client = session.client("s3", region_name=self.aws_region)
61+
# Fall back to environment variables
62+
elif self.aws_access_key_id and self.aws_secret_access_key:
63+
console.print("[blue]Using AWS credentials from environment variables[/blue]")
64+
self._s3_client = boto3.client(
65+
"s3",
66+
aws_access_key_id=self.aws_access_key_id,
67+
aws_secret_access_key=self.aws_secret_access_key,
68+
aws_session_token=self.aws_session_token,
69+
region_name=self.aws_region,
5770
)
71+
else:
72+
console.print("[red]AWS credentials not found[/red]")
73+
console.print("[yellow]Set AWS_PROFILE or AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY environment variables[/yellow]")
5874
raise NoCredentialsError()
5975

60-
console.print(
61-
"[blue]Using AWS credentials from environment variables[/blue]"
62-
)
63-
self._s3_client = boto3.client(
64-
"s3",
65-
aws_access_key_id=self.aws_access_key_id,
66-
aws_secret_access_key=self.aws_secret_access_key,
67-
aws_session_token=self.aws_session_token,
68-
region_name=self.aws_region,
69-
)
70-
71-
try:
72-
self._s3_client.head_bucket(Bucket=self.bucket_name)
73-
console.print(
74-
f"[green]Connected to S3 bucket: {self.bucket_name}[/green]"
75-
)
76-
except ClientError as e:
77-
if e.response["Error"]["Code"] == "404":
78-
console.print(
79-
f"[yellow]S3 bucket not found: {self.bucket_name}[/yellow]"
80-
)
81-
self._create_bucket()
82-
else:
83-
raise
76+
# Test connection
77+
self._s3_client.head_bucket(Bucket=self.bucket_name)
78+
console.print(f"[green]Connected to S3 bucket: {self.bucket_name}[/green]")
8479

80+
except ClientError as e:
81+
if e.response["Error"]["Code"] == "404":
82+
console.print(f"[yellow]S3 bucket not found: {self.bucket_name}[/yellow]")
83+
self._create_bucket()
84+
else:
85+
console.print(f"[red]S3 error: {e}[/red]")
86+
raise
8587
except NoCredentialsError:
86-
console.print("[red]AWS credentials not found[/red]")
87-
console.print(
88-
"[yellow]Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables[/yellow]"
89-
)
9088
raise
91-
except ClientError as e:
92-
console.print(f"[red]S3 error: {e}[/red]")
89+
except Exception as e:
90+
console.print(f"[red]AWS authentication error: {e}[/red]")
9391
raise
9492

9593
return self._s3_client

0 commit comments

Comments
 (0)