update client to pull credentials from boto3 Session

this should provide support for execution as Fargate ECS
NASA-PDS · Sep 13, 2024 · 0ba1b2f · 0ba1b2f
1 parent d98d43b
commit 0ba1b2f
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 6 deletions.
diff --git a/scratch/es-to-aoss-migration/dump-aoss-lidvids.py b/scratch/es-to-aoss-migration/dump-aoss-lidvids.py
@@ -3,12 +3,12 @@
 from opensearchpy import RequestsAWSV4SignerAuth, OpenSearch, RequestsHttpConnection
 
 from pds.registrysweepers.utils.db import query_registry_db_with_search_after
-from pds.registrysweepers.utils.db.client import get_aws_credentials_from_ssm
+from pds.registrysweepers.utils.db.client import get_aws_credentials_from_ec2_metadata_service
 
 iam_role_name = 'temp-mcp-ec2-opensearch-role'
 aoss_host = 'b3rqys09xmx9i19yn64i.us-west-2.aoss.amazonaws.com'
 
-credentials = get_aws_credentials_from_ssm(iam_role_name)
+credentials = get_aws_credentials_from_ec2_metadata_service(iam_role_name)
 
 auth = RequestsAWSV4SignerAuth(credentials, 'us-west-2', 'aoss')
 

diff --git a/scratch/es-to-aoss-migration/upload-missing-content.py b/scratch/es-to-aoss-migration/upload-missing-content.py
@@ -3,12 +3,12 @@
 from opensearchpy import RequestsAWSV4SignerAuth, OpenSearch, RequestsHttpConnection
 
 from pds.registrysweepers.utils.db import _write_bulk_updates_chunk
-from pds.registrysweepers.utils.db.client import get_aws_credentials_from_ssm
+from pds.registrysweepers.utils.db.client import get_aws_credentials_from_ec2_metadata_service
 
 iam_role_name = 'temp-mcp-ec2-opensearch-role'
 aoss_host = 'b3rqys09xmx9i19yn64i.us-west-2.aoss.amazonaws.com'
 
-credentials = get_aws_credentials_from_ssm(iam_role_name)
+credentials = get_aws_credentials_from_ec2_metadata_service(iam_role_name)
 
 auth = RequestsAWSV4SignerAuth(credentials, 'us-west-2', 'aoss')
 

diff --git a/src/pds/registrysweepers/utils/db/client.py b/src/pds/registrysweepers/utils/db/client.py
@@ -1,7 +1,9 @@
 import json
 import logging
 import os
+from typing import Union
 
+import boto3
 import requests
 from botocore.credentials import Credentials
 from opensearchpy import OpenSearch
@@ -61,7 +63,7 @@ def get_userpass_opensearch_client(
     )
 
 
-def get_aws_credentials_from_ssm(iam_role_name: str) -> Credentials:
+def get_aws_credentials_from_ec2_metadata_service(iam_role_name: str) -> Credentials:
     url = f"http://169.254.169.254/latest/meta-data/iam/security-credentials/{iam_role_name}"
     response = requests.get(url)
     if response.status_code != 200:
@@ -78,7 +80,7 @@ def get_aws_credentials_from_ssm(iam_role_name: str) -> Credentials:
 
 def get_aws_aoss_client_from_ssm(endpoint_url: str, iam_role_name: str) -> OpenSearch:
     # https://opensearch.org/blog/aws-sigv4-support-for-clients/
-    credentials = get_aws_credentials_from_ssm(iam_role_name)
+    credentials = boto3.Session().get_credentials()
     auth = RequestsAWSV4SignerAuth(credentials, "us-west-2", "aoss")
     return get_aws_opensearch_client(endpoint_url, auth)