Skip to content
This repository was archived by the owner on Dec 20, 2022. It is now read-only.

harvard-vpal/s3-santa

BranchesTags

Repository files navigation

s3-santa

Data request user manager for AWS S3

This python package provides functionality for creating IAM user accounts and corresponding user folders in an S3 bucket on AWS, and storing generated IAM key pairs in a user store (e.g. Google Sheet or CSV file).

Getting started

AWS resources

Create AWS resources if not already set up:

  • S3 bucket
  • IAM group
  • Add policy to IAM group (see example policy example_group_policy.json; replace the S3 bucket name with your own)

Setup

Local requirements

  • Docker
  • Docker Compose

Build environment

Clone this repo and build the environment with Docker:

git clone https://github.com/kunanit/s3-santa
cd s3-santa
docker-compose build

Configuration

Set configuration variables in a .env file, using .env.example as an example:

# name of S3 bucket
S3_BUCKET=my-data-requests

# iam group
IAM_GROUP=data-requests

# location of google service account credential file on host
HOST_GOOGLE_KEYFILE=/Users/me/.keys/data-requests-123abc.json

# location of google service account credential file in container filesystem
GOOGLE_KEYFILE=/.keys/data-requests-6c3bd3f37392.json

# file id of google spreadsheet
GOOGLE_SPREADSHEET_ID=abcdefg12345678

Usage

CLI

Functionality available though the command line interface:

# create user by username
docker-compose run santa create-user --user {USER}

# create user with autogenerated username
docker-compose run santa create-user
# Asks for confirmation after generating user name:
# >>> Create user '{USER}'? [y/n]

# deliver file to user
docker-compose run santa deliver --file {FILE} --user {USER}

s3santa package

Example of using s3santa module resources directly in Python:

from s3santa.cli import SantaCli
from s3santa.santa import Santa

# choose the user store type to use
from s3santa.user_store import GoogleSpreadsheet

# fill these in
S3_BUCKET = '' # name of s3 bucket to use
IAM_GROUP = '' # name of iam group policy
GOOGLE_KEYFILE = '' # location of google service account keyfile
GOOGLE_SPREADSHEET_ID = '' # google spreadsheet id (can be found from url)

# define the user storage to use with santa
user_store = GoogleSpreadsheet(
    spreadsheet_id=GOOGLE_SPREADSHEET_ID,
    google_keyfile=GOOGLE_KEYFILE,
)

# create santa object
santa = Santa(S3_BUCKET, IAM_GROUP, user_store)

#### Example actions ####
# create user by specifying user name
santa.create_user('mynewuser')

# create user with an autogenerated name
santa.create_user()

# deliver local file to user folder
santa.deliver(file, user)

About

Data request delivery manager with Amazon S3

Topics

python s3 iam google-sheets amazon-web-services

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages