This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MAX_RETRY_COUNT = 7 | |
DELAY_SECONDS = 5 | |
@exception_handler | |
def handler(event, context): | |
if 'Records' in event: # SQS | |
records = event.get('Records', []) | |
logger.info(f'Received events from SQS with {len(records)} records') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def test_task_completed_arrived_before_task_started(): | |
# First of all, send a task_completed event | |
_send_task_completed_event() | |
# Now wait a bit, and send a task_started event | |
time.sleep(3) | |
_send_task_started_event() | |
completed = False | |
with time_limit(MAX_RETRY_COUNT * 10): # Limit the time the test can run |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@contextlib.contextmanager | |
def time_limit(seconds): | |
def raise_timeout(signum, frame): | |
raise TimeoutError('Timed out!') | |
signal.signal(signal.SIGALRM, raise_timeout) | |
signal.alarm(seconds) | |
yield |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
data_layer.py - how to use the credentials | |
""" | |
from decorators import get_dynamodb_session_keys | |
def some_data_access_method(): | |
session = boto3.Session(**get_dynamodb_session_keys()) | |
dynamodb = session.resource("dynamodb") | |
table = dynamodb.Table(TABLE_NAME) | |
# now we can use 'table' to access with tenant_id restrictions |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
decorators.py - creating the credentials | |
""" | |
import functools | |
from contextvars import ContextVar, copy_context | |
dynamodb_session_keys = ContextVar("dynamodb_session_keys", default=None) | |
def dynamodb_tenant_isolation(func): | |
@functools.wraps(func) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import boto3 | |
def generate_credentials(event): | |
tenant_id = extract_tenant_from_auth_header(event) | |
dynamic_policy = generate_dynamodb_policy(tenant_id) | |
sts_client = boto3.client("sts") | |
assumed_role = sts_client.assume_role( | |
RoleArn="arn:aws:iam::<account-id>:role/DynamodbRoleToAssume", | |
RoleSessionName="<name-to-identify-the-assumed-role-session>", | |
Policy=dynamic_policy, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def generate_dynamodb_policy(tenant_id): | |
return { | |
"Version": "2012-10-17", | |
"Statement": [{ | |
"Effect": "Allow", | |
"Action": ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query"], | |
"Resource": [ | |
f"arn:aws:dynamodb:<region>:<account-id>:table/TableName", | |
f"arn:aws:dynamodb:<region>:<account-id>:table/TableName/index/*", | |
], |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
""" | |
Query meetup.com API | |
""" | |
import os | |
import time | |
import argparse | |
import sys | |
import datetime |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
... | |
<body> | |
<img id="catImage" src="https://thecatapi.com/api/images/get?format=src&type=gif"> | |
<br/> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
iamRoleStatements: | |
- Effect: Allow | |
Action: | |
- dynamodb:Query | |
- dynamodb:Scan | |
- dynamodb:GetItem | |
- dynamodb:PutItem | |
- dynamodb:UpdateItem | |
- dynamodb:DeleteItem | |
Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}" |