Library Usage

To use S3Vault Library in a project:

import s3vaultlib

Creating an S3Vault

You need a configuration file that describes your S3Vault setup (you can use `resources/s3vault.example.yml` as a reference):

from s3vaultlib.configmanager import ConfigManager
from s3vaultlib.policymanager import PolicyManager

config = ConfigManager('s3vaultlib/resources/s3vault.example.yml')
policies = PolicyManager(config)
cloudformation_template = policies.generate_cloudformation()

You can then apply the CloudFormation template to your AWS account, and it will take care of configuring the bucket to host an S3Vault.

Managing an S3Vault
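
One way to review a generated template before applying it, as an added example that is not part of s3vaultlib or of the original page. It assumes the template is JSON text (the page does not state the format returned by generate_cloudformation()); the sample template and the helper names are constructed for illustration.

```python
import json

# Constructed sample, NOT real s3vaultlib output: one bucket, one KMS key and
# an IAM policy whose second statement is deliberately over-broad.
SAMPLE_TEMPLATE = json.dumps({"Resources": {
    "VaultBucket": {"Type": "AWS::S3::Bucket",
                    "Properties": {"BucketName": "my-bucket"}},
    "VaultKey": {"Type": "AWS::KMS::Key", "Properties": {}},
    "RolePolicy": {"Type": "AWS::IAM::Policy", "Properties": {
        "PolicyDocument": {"Statement": [
            {"Effect": "Allow", "Action": ["s3:GetObject"],
             "Resource": "arn:aws:s3:::my-bucket/vault/*"},
            {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}}},
}})


def as_list(value):
    """IAM allows a single value or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def iter_statements(node):
    """Yield every policy statement found anywhere under node."""
    if isinstance(node, dict):
        for stmt in as_list(node.get("Statement", [])):
            if isinstance(stmt, dict):
                yield stmt
        for child in node.values():
            yield from iter_statements(child)
    elif isinstance(node, list):
        for child in node:
            yield from iter_statements(child)


def review_template(template_text):
    """Return (sorted resource types, [(resource name, wildcard actions)])."""
    resources = json.loads(template_text).get("Resources", {})
    types = sorted({res.get("Type", "?") for res in resources.values()})
    findings = []
    for name, res in resources.items():
        for stmt in iter_statements(res.get("Properties", {})):
            actions = [a for a in as_list(stmt.get("Action", []))
                       if isinstance(a, str)]  # skip Fn::Sub and similar
            wild = [a for a in actions if a == "*" or a.endswith(":*")]
            if (stmt.get("Effect") == "Allow" and wild
                    and "*" in as_list(stmt.get("Resource", []))):
                findings.append((name, wild))
    return types, findings
```

The first return value lists what the template would create; the second lists Allow statements that pair a wildcard action with Resource "*", which are the ones to read closely before deploying.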

  • Instantiate a vault:
import s3vaultlib
from s3vaultlib.connectionfactory import ConnectionFactory
conn_manager = ConnectionFactory()
s3vault = S3Vault('my-bucket', '/vault', connection_factory=conn_manager)
  • Upload a file in the vault:
# the encryption key will be guessed by resolving a KMS-Alias with the name of the role of the EC2 instance
# where you are running the script
metadata = s3vault.put_file(src='test.dat', dest='test.dat')
  • Update a configuration file in the vault:
# explicit usage of KMS-Alias
s3vault.set_property(configfile='myconfiguration', key='username', value='test_user', key_alias='my-kms-alias')
  • Expand a template file from an S3Vault:

Assuming there is an object in the vault named mycert, we can create a template like the following:

$ cat mycert.tpl
{{ mycert }}

and we can expand the template with the library:

rendered_data = s3vault.render_template('mycert.tpl')
print(rendered_data)

Extended documentation

Check out the module autogenerated documentation here: Module Index