# Poetry AWS Plugin
This is a poetry plugin to help with AWS CodeArtifact authorization by automatically getting the authorization token.
When installing or publishing packages through poetry, the plugin will check whether the command requires CodeArtifact authorization, and if so, adds it automatically.
The plugin will try two methods of authorization, in this order:
1. Use AWS credentials to run `sts.AssumeRole`, then use that role to run `codeartifact.GetAuthorizationToken`.
2. Use AWS credentials to run `codeartifact.GetAuthorizationToken`.
## Installation
To install the plugin
```
poetry self add poetry-aws-plugin
```
To uninstall the plugin
```
poetry self remove poetry-aws-plugin
```
## Usage
You must ensure that your AWS credentials are configured and discoverable by `boto3`. The [`boto3` documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials) has details on how to configure your credentials and the order in which they searched.
When poetry runs a command that uses CodeArtifact, the plugin will automatically check whether the command needs authorization, and if so, requests a CodeArtifact authorization token and adds it to the command.
Your AWS credentials must be authorized to do atleast one of the following:
1. Run [`codeartifact.GetAuthorizationToken`](https://docs.aws.amazon.com/cli/latest/reference/codeartifact/get-authorization-token.html).
2. Run [`sts.AssumeRole`](https://docs.aws.amazon.com/cli/latest/reference/sts/assume-role.html) to assume a role with authorization to run [`codeartifact.GetAuthorizationToken`](https://docs.aws.amazon.com/cli/latest/reference/codeartifact/get-authorization-token.html).
**To use IAM roles to authorize, set the environment variable `POETRY_AWS_PLUGIN_ROLE_ARN` to the role's ARN before running any poetry commands**.
For example:
```bash
POETRY_AWS_PLUGIN_ROLE_ARN='arn:aws:codeartifact:<region>:<account-id>:repository/<domain>/<domain-owner>/<repository>' poetry install
```
or
```bash
echo "export POETRY_AWS_PLUGIN_ROLE_ARN='arn:aws:codeartifact:<region>:<account-id>:repository/<domain>/<domain-owner>/<repository>'" >> ~/.bashrc
source ~/.bashrc
poetry install
```
You can find more details in AWS's [CodeArtifact authentication and tokens documentation](https://docs.aws.amazon.com/codeartifact/latest/ug/tokens-authentication.html) and [CodeArtifact IAM documentation](https://docs.aws.amazon.com/codeartifact/latest/ug/security_iam_service-with-iam.html).
# Misc
You can also authorize by setting the environment variable `POETRY_AWS_PLUGIN_AUTH_TOKEN` to the CodeArtifact authorization token. This may be useful in CI/CD pipelines and reducing poetry configuration.
For example:
```bash
POETRY_AWS_PLUGIN_AUTH_TOKEN='<codeartifact-authorization-token>' poetry install
```
Raw data
{
"_id": null,
"home_page": "https://github.com/xiasongh/poetry-aws-plugin",
"name": "poetry-aws-plugin",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.10",
"maintainer_email": null,
"keywords": "aws, codeartifact, poetry",
"author": "Song Huang",
"author_email": "xiasongh@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/e6/77/95f1e0c5b326f13d36653b744fa8b813f86de660745201449b942d23ddbd/poetry_aws_plugin-0.1.10.tar.gz",
"platform": null,
"description": "# Poetry AWS Plugin\n\nThis is a poetry plugin to help with AWS CodeArtifact authorization by automatically getting the authorization token.\n\nWhen installing or publishing packages through poetry, the plugin will check whether the command requires CodeArtifact authorization, and if so, adds it automatically.\n\nThe plugin will try two methods of authorization, in this order:\n\n1. Use AWS credentials to run `sts.AssumeRole`, then use that role to run `codeartifact.GetAuthorizationToken`.\n2. Use AWS credentials to run `codeartifact.GetAuthorizationToken`.\n\n## Installation\n\nTo install the plugin\n\n```\npoetry self add poetry-aws-plugin\n```\n\nTo uninstall the plugin\n\n```\npoetry self remove poetry-aws-plugin\n```\n\n## Usage\n\nYou must ensure that your AWS credentials are configured and discoverable by `boto3`. The [`boto3` documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials) has details on how to configure your credentials and the order in which they searched.\n\nWhen poetry runs a command that uses CodeArtifact, the plugin will automatically check whether the command needs authorization, and if so, requests a CodeArtifact authorization token and adds it to the command.\n\nYour AWS credentials must be authorized to do atleast one of the following:\n\n1. Run [`codeartifact.GetAuthorizationToken`](https://docs.aws.amazon.com/cli/latest/reference/codeartifact/get-authorization-token.html).\n2. Run [`sts.AssumeRole`](https://docs.aws.amazon.com/cli/latest/reference/sts/assume-role.html) to assume a role with authorization to run [`codeartifact.GetAuthorizationToken`](https://docs.aws.amazon.com/cli/latest/reference/codeartifact/get-authorization-token.html).\n\n**To use IAM roles to authorize, set the environment variable `POETRY_AWS_PLUGIN_ROLE_ARN` to the role's ARN before running any poetry commands**.\n\nFor example:\n\n```bash\nPOETRY_AWS_PLUGIN_ROLE_ARN='arn:aws:codeartifact:<region>:<account-id>:repository/<domain>/<domain-owner>/<repository>' poetry install\n```\n\nor\n\n```bash\necho \"export POETRY_AWS_PLUGIN_ROLE_ARN='arn:aws:codeartifact:<region>:<account-id>:repository/<domain>/<domain-owner>/<repository>'\" >> ~/.bashrc\nsource ~/.bashrc\npoetry install\n```\n\nYou can find more details in AWS's [CodeArtifact authentication and tokens documentation](https://docs.aws.amazon.com/codeartifact/latest/ug/tokens-authentication.html) and [CodeArtifact IAM documentation](https://docs.aws.amazon.com/codeartifact/latest/ug/security_iam_service-with-iam.html).\n\n# Misc\n\nYou can also authorize by setting the environment variable `POETRY_AWS_PLUGIN_AUTH_TOKEN` to the CodeArtifact authorization token. This may be useful in CI/CD pipelines and reducing poetry configuration.\n\nFor example:\n\n```bash\nPOETRY_AWS_PLUGIN_AUTH_TOKEN='<codeartifact-authorization-token>' poetry install\n```\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "A poetry plugin to help with AWS CodeArtifact authorization automatically",
"version": "0.1.10",
"project_urls": {
"Homepage": "https://github.com/xiasongh/poetry-aws-plugin",
"Repository": "https://github.com/xiasongh/poetry-aws-plugin"
},
"split_keywords": [
"aws",
" codeartifact",
" poetry"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "159fc4af13439f9702c00dfc0facb1e89cb801394e25072575838f28142f18c0",
"md5": "523bf1579f0599d9be8d373c8b2c631f",
"sha256": "9178dccf4e49f5018fed0b95ec27e89526e200f89eea592932f242744a7422c3"
},
"downloads": -1,
"filename": "poetry_aws_plugin-0.1.10-py3-none-any.whl",
"has_sig": false,
"md5_digest": "523bf1579f0599d9be8d373c8b2c631f",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.10",
"size": 5267,
"upload_time": "2024-04-15T19:48:59",
"upload_time_iso_8601": "2024-04-15T19:48:59.737612Z",
"url": "https://files.pythonhosted.org/packages/15/9f/c4af13439f9702c00dfc0facb1e89cb801394e25072575838f28142f18c0/poetry_aws_plugin-0.1.10-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e67795f1e0c5b326f13d36653b744fa8b813f86de660745201449b942d23ddbd",
"md5": "629946a5465606313f0824ec5b360e9b",
"sha256": "d35ae3e487b6e4d8686efc61e6e5995a5e5acf56fc6b52eae5ceedd73f3a5888"
},
"downloads": -1,
"filename": "poetry_aws_plugin-0.1.10.tar.gz",
"has_sig": false,
"md5_digest": "629946a5465606313f0824ec5b360e9b",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.10",
"size": 4269,
"upload_time": "2024-04-15T19:49:00",
"upload_time_iso_8601": "2024-04-15T19:49:00.773492Z",
"url": "https://files.pythonhosted.org/packages/e6/77/95f1e0c5b326f13d36653b744fa8b813f86de660745201449b942d23ddbd/poetry_aws_plugin-0.1.10.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-15 19:49:00",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "xiasongh",
"github_project": "poetry-aws-plugin",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "poetry-aws-plugin"
}
JSON
