Skip to content

added option to provide profile names or aws credentials to the script #83

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

added option to provide profile names or aws credentials to the script #83

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b07d1ea
added option to provide profile names or aws credentials to the script
simplesteph Sep 28, 2016
fab3eba
reduced line length to pass travis CI
simplesteph Sep 28, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,12 @@ useful for production environments.
If your certificate is not expiring soon, but you need to issue a new one
anyways, the `--force-issue` flag can be provided.

If you would like to specify a profile to use (see http://boto3.readthedocs.io/en/latest/guide/configuration.html),
provide the profile name with the `--profile-name` argument.

If you would like to specify an aws keys (see http://boto3.readthedocs.io/en/latest/guide/configuration.html),
provide them with the `--aws-access-key-id`, `--aws-secret-access-key`, and the optional `--aws-session-token` arguments.

If you're into [Docker](https://www.docker.com/), there is an automatically
built image of `letsencrypt-aws` available as
[`alexgaynor/letsencrypt-aws`](https://hub.docker.com/r/alexgaynor/letsencrypt-aws/).
Expand Down
37 changes: 35 additions & 2 deletions letsencrypt-aws.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -481,14 +481,47 @@ def cli():
"expiration."
)
)
def update_certificates(persistent=False, force_issue=False):
@click.option(
"--aws-access-key-id", type=str, help=(
"Specify an aws access key id (must also use --aws-secret-access-key)"
)
)
@click.option(
"--aws-secret-access-key", type=str, help=(
"Specify an aws secret access key (must also use --aws-access-key-id)"
)
)
@click.option(
"--aws-session-token", type=str, help=(
"""Optional AWS session token
(must use both --aws-secret-access-key and --aws-access-key-id)"""
)
)
@click.option(
"--profile-name", type=str, help=(
"""Specify a profile to use for Boto.
See http://boto3.readthedocs.io/en/latest/guide/configuration.html
for more information"""
)
)
def update_certificates(persistent=False, force_issue=False,
profile_name=None, aws_access_key_id=None,
aws_secret_access_key=None, aws_session_token=None):
logger = Logger()
logger.emit("startup")

if persistent and force_issue:
raise ValueError("Can't specify both --persistent and --force-issue")

session = boto3.Session()
if aws_access_key_id or aws_secret_access_key or aws_session_token:
if aws_access_key_id is None or aws_secret_access_key is None:
raise ValueError("""You need to provide both --aws-access-key-id
and --aws-secret-access-key""")

session = boto3.Session(profile_name=profile_name,
aws_access_key_id=aws_access_key_id,
aws_secret_access_key=aws_secret_access_key,
aws_session_token=aws_session_token)
s3_client = session.client("s3")
elb_client = session.client("elb")
route53_client = session.client("route53")
Expand Down