Library Usage¶
To use S3Vault Library in a project:
import s3vaultlib
Creating a S3Vault¶
You need a proper configuration file that describe your S3Vault setup (you can check `resources/s3vault.example.yml`
as reference:
from s3vaultlib.configmanager import ConfigManager
from s3vaultlib.policymanager import PolicyManager
config = ConfigManager('s3vaultlib/resources/s3vault.example.yml')
policies = PolicyManager(config)
cloudformation_template = policies.generate_cloudformation()
You can then apply the cloudformation template to your AWS account and it will take care to configure the bucket to host an S3Vault
Managing a s3vault¶
- Instantiate a vault:
import s3vaultlib
from s3vaultlib.connectionfactory import ConnectionFactory
conn_manager = ConnectionFactory()
s3vault = S3Vault('my-bucket', '/vault', connection_factory=conn_manager)
- Upload a file in the vault:
# the encryption key will be guessed by resolving a KMS-Alias with the name of the role of the EC2 instance
# where you are running the script
metadata = s3vault.put_file(src='test.dat', dest='test.dat')
- Update a configuration file in the vault:
# explicit usage of KMS-Alias
s3vault.set_property(configfile='myconfiguration', key='username', value='test_user', key_alias='my-kms-alias')
- Expand a template file from a S3Vault
Assuming there is a object in the vault named mycert
we can create a template like the following:
$ cat mycert.tpl
{{ mycert }}
and we can expand the template with the library:
rendered_data = s3vault.render_template('mycert.tpl')
print(rendered_data)
Extended documentation¶
Check out the module autogenerated documentation here: Module Index