AWSProvider
laktory.models.resources.AWSProvider
¤
Bases: BaseProvider, PulumiResource, TerraformResource
AWS Provider
| PARAMETER | DESCRIPTION |
|---|---|
resource_name_
|
Name of the resource in the context of infrastructure as code. If None,
TYPE:
|
options
|
Resources options specifications
TYPE:
|
lookup_existing
|
Lookup resource instead of creating a new one.
TYPE:
|
variables
|
Dict of variables to be injected in the model at runtime |
alias
|
TYPE:
|
source
|
TYPE:
|
version
|
TYPE:
|
access_key
|
The access key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
TYPE:
|
allowed_account_ids
|
TYPE:
|
assume_role
|
TYPE:
|
assume_role_with_web_identity
|
TYPE:
|
custom_ca_bundle
|
File containing custom root and intermediate certificates. Can also be configured using the AWS_CA_BUNDLE environment variable. (Setting ca_bundle in the shared config file is not supported.)
TYPE:
|
default_tags
|
Configuration block with settings to default resource tags across all resources.
TYPE:
|
ec2_metadata_service_endpoint
|
Address of the EC2 metadata service endpoint to use. Can also be configured using the AWS_EC2_METADATA_SERVICE_ENDPOINT environment variable.
TYPE:
|
ec2_metadata_service_endpoint_mode
|
Protocol to use with EC2 metadata service endpoint.Valid values are IPv4 and IPv6. Can also be configured using the AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE environment variable.
TYPE:
|
forbidden_account_ids
|
TYPE:
|
http_proxy
|
URL of a proxy to use for HTTP requests when accessing the AWS API. Can also be set using the HTTP_PROXY or http_proxy environment variables.
TYPE:
|
https_proxy
|
URL of a proxy to use for HTTPS requests when accessing the AWS API. Can also be set using the HTTPS_PROXY or https_proxy environment variables.
TYPE:
|
ignore_tags
|
Configuration block with settings to ignore resource tags across all resources.
TYPE:
|
insecure
|
Explicitly allow the provider to perform 'insecure' SSL requests. If omitted, default value is false
TYPE:
|
max_retries
|
The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
TYPE:
|
no_proxy
|
Comma-separated list of hosts that should not use HTTP or HTTPS proxies. Can also be set using the NO_PROXY or no_proxy environment variables.
TYPE:
|
profile
|
The profile for API operations. If not set, the default profile created with aws configure will be used.
TYPE:
|
region
|
The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc. It can also be sourced from the following environment variables: AWS_REGION, AWS_DEFAULT_REGION
TYPE:
|
retry_mode
|
Specifies how retries are attempted. Valid values are standard and adaptive. Can also be configured using the AWS_RETRY_MODE environment variable.
TYPE:
|
s3_us_east1_regional_endpoint
|
Specifies whether S3 API calls in the us-east-1 region use the legacy global endpoint or a regional endpoint. Valid values are legacy or regional. Can also be configured using the AWS_S3_US_EAST_1_REGIONAL_ENDPOINT environment variable or the s3_us_east_1_regional_endpoint shared config file parameter
TYPE:
|
s3_use_path_style
|
Set this to true to enable the request to use path-style addressing, i.e., https://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (https://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
TYPE:
|
secret_key
|
The secret key for API operations. You can retrieve this from the 'Security & Credentials' section of the AWS console.
TYPE:
|
shared_config_files
|
List of paths to shared config files. If not set, defaults to [~/.aws/config].
TYPE:
|
shared_credentials_files
|
List of paths to shared credentials files. If not set, defaults to [~/.aws/credentials].
TYPE:
|
skip_credentials_validation
|
Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
TYPE:
|
skip_metadata_api_check
|
Skip the AWS Metadata API check. Used for AWS API implementations that do not have a metadata api endpoint.
TYPE:
|
skip_region_validation
|
Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are not public (yet).
TYPE:
|
skip_requesting_account_id
|
Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
TYPE:
|
sts_region
|
The region where AWS STS operations will take place. Examples are us-east-1 and us-west-2.
TYPE:
|
token
|
Session token. A session token is only required if you are using temporary security credentials.
TYPE:
|
use_dualstack_endpoint
|
Resolve an endpoint with DualStack capability
TYPE:
|
use_fips_endpoint
|
Resolve an endpoint with FIPS capability
TYPE:
|
Examples:
from laktory import models
p = models.AWSProvider(
access_key="${vars.AWS_ACCESS_KEY}",
)
| METHOD | DESCRIPTION |
|---|---|
inject_vars |
Inject model variables values into a model attributes. |
inject_vars_into_dump |
Inject model variables values into a model dump. |
model_validate_json_file |
Load model from json file object |
model_validate_yaml |
Load model from yaml file object using laktory.yaml.RecursiveLoader. Supports |
push_vars |
Push variable values to all child recursively |
validate_assignment_disabled |
Updating a model attribute inside a model validator when |
| ATTRIBUTE | DESCRIPTION |
|---|---|
core_resources |
List of core resources to be deployed with this laktory model:
|
default_resource_name |
Resource default name constructed as
TYPE:
|
pulumi_properties |
Resources properties formatted for pulumi:
TYPE:
|
pulumi_renames |
Map of fields to rename when dumping model to pulumi |
resource_key |
Resource key used to build default resource name. Equivalent to
TYPE:
|
resource_name |
dots (.) are allowed to support terraform aliases
TYPE:
|
resource_type_id |
Resource type id used to build default resource name. Equivalent to
TYPE:
|
self_as_core_resources |
Flag set to
|
terraform_excludes |
List of fields to exclude when dumping model to terraform |
terraform_properties |
Resources properties formatted for terraform:
TYPE:
|
terraform_renames |
Map of fields to rename when dumping model to terraform |
core_resources
property
¤
List of core resources to be deployed with this laktory model: - class instance (self)
default_resource_name
property
¤
Resource default name constructed as
- {self.resource_type_id}-{self.resource_key}
- removing ${resources....} tags
- removing ${vars....} tags
- Replacing special characters with - to avoid conflicts with resource properties
pulumi_properties
property
¤
Resources properties formatted for pulumi:
- Serialization (model dump)
- Removal of excludes defined in
self.pulumi_excludes - Renaming of keys according to
self.pulumi_renames - Injection of variables
| RETURNS | DESCRIPTION |
|---|---|
dict
|
Pulumi-safe model dump |
pulumi_renames
property
¤
Map of fields to rename when dumping model to pulumi
resource_key
property
¤
Resource key used to build default resource name. Equivalent to name properties if available. Otherwise, empty string.
resource_name
property
¤
dots (.) are allowed to support terraform aliases
resource_type_id
property
¤
Resource type id used to build default resource name. Equivalent to class name converted to kebab case. e.g.: SecretScope -> secret-scope
self_as_core_resources
property
¤
Flag set to True if self must be included in core resources
terraform_excludes
property
¤
List of fields to exclude when dumping model to terraform
terraform_properties
property
¤
Resources properties formatted for terraform:
- Serialization (model dump)
- Removal of excludes defined in
self.terraform_excludes - Renaming of keys according to
self.terraform_renames - Injection of variables
| RETURNS | DESCRIPTION |
|---|---|
dict
|
Terraform-safe model dump |
terraform_renames
property
¤
Map of fields to rename when dumping model to terraform
inject_vars(inplace=False, vars=None)
¤
Inject model variables values into a model attributes.
| PARAMETER | DESCRIPTION |
|---|---|
inplace
|
If
TYPE:
|
vars
|
A dictionary of variables to be injected in addition to the model internal variables.
TYPE:
|
| RETURNS | DESCRIPTION |
|---|---|
|
Model instance. |
Examples:
from typing import Union
from laktory import models
class Cluster(models.BaseModel):
name: str = None
size: Union[int, str] = None
c = Cluster(
name="cluster-${vars.my_cluster}",
size="${{ 4 if vars.env == 'prod' else 2 }}",
variables={
"env": "dev",
},
).inject_vars()
print(c)
# > variables={'env': 'dev'} name='cluster-${vars.my_cluster}' size=2
References
Source code in laktory/models/basemodel.py
371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 | |
inject_vars_into_dump(dump, inplace=False, vars=None)
¤
Inject model variables values into a model dump.
| PARAMETER | DESCRIPTION |
|---|---|
dump
|
Model dump (or any other general purpose mutable object) |
inplace
|
If
TYPE:
|
vars
|
A dictionary of variables to be injected in addition to the model internal variables. |
| RETURNS | DESCRIPTION |
|---|---|
|
Model dump with injected variables. |
Examples:
from laktory import models
m = models.BaseModel(
variables={
"env": "dev",
},
)
data = {
"name": "cluster-${vars.my_cluster}",
"size": "${{ 4 if vars.env == 'prod' else 2 }}",
}
print(m.inject_vars_into_dump(data))
# > {'name': 'cluster-${vars.my_cluster}', 'size': 2}
References
Source code in laktory/models/basemodel.py
452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 | |
model_validate_json_file(fp)
classmethod
¤
Load model from json file object
| PARAMETER | DESCRIPTION |
|---|---|
fp
|
file object structured as a json file
TYPE:
|
| RETURNS | DESCRIPTION |
|---|---|
Model
|
Model instance |
Source code in laktory/models/basemodel.py
273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 | |
model_validate_yaml(fp)
classmethod
¤
Load model from yaml file object using laktory.yaml.RecursiveLoader. Supports
reference to external yaml and sql files using !use, !extend and !update tags.
Path to external files can be defined using model or environment variables.
Referenced path should always be relative to the file they are referenced from.
| PARAMETER | DESCRIPTION |
|---|---|
fp
|
file object structured as a yaml file
TYPE:
|
| RETURNS | DESCRIPTION |
|---|---|
Model
|
Model instance |
Examples:
businesses:
apple:
symbol: aapl
address: !use addresses.yaml
<<: !update common.yaml
emails:
- jane.doe@apple.com
- extend! emails.yaml
amazon:
symbol: amzn
address: !use addresses.yaml
<<: update! common.yaml
emails:
- john.doe@amazon.com
- extend! emails.yaml
Source code in laktory/models/basemodel.py
214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 | |
push_vars(update_core_resources=False)
¤
Push variable values to all child recursively
Source code in laktory/models/basemodel.py
341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 | |
validate_assignment_disabled()
¤
Updating a model attribute inside a model validator when validate_assignment
is True causes an infinite recursion by design and must be turned off
temporarily.
Source code in laktory/models/basemodel.py
323 324 325 326 327 328 329 330 331 332 333 334 335 | |