nuclearpinguin commented on a change in pull request #7619: [AIRFLOW-6975] Base
AWSHook AssumeRoleWithSAML
URL: https://github.com/apache/airflow/pull/7619#discussion_r387531756
##########
File path: airflow/providers/amazon/aws/hooks/base_aws.py
##########
@@ -156,26 +157,31 @@ def _get_credentials(self, region_name):
**session_kwargs
)
sts_client = sts_session.client("sts", config=self.config)
- # Assume role
+
assume_role_kwargs = dict()
if "assume_role_kwargs" in extra_config:
assume_role_kwargs = extra_config["assume_role_kwargs"]
- if "external_id" in extra_config: # Backwards
compatibility
- assume_role_kwargs["ExternalId"] = extra_config.get(
- "external_id"
- )
- role_session_name = "Airflow_" + self.aws_conn_id
- self.log.info(
- "Doing assume_role to role_arn=%s
role_session_name=%s",
+ assume_role_method = None
+ if "assume_role_method" in extra_config:
+ assume_role_method = extra_config['assume_role_method']
+ self.log.info("assume_role_method=%s", assume_role_method)
+ method = None
+ if not assume_role_method:
+ method = self._assume_role
+ elif assume_role_method == 'assume_role_with_saml':
+ method = self._assume_role_with_saml
+ else:
+ raise NotImplementedError(
+ 'assume_role_method=%s' % assume_role_method)
Review comment:
When I get this exception I've got no idea what went wrong. The information
should be more meaningful and probably NotImplementedError is not a best here.
Also, we can us f-strings for formatting :)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
