A flexible easy to use set of AWS APIs.
Available Services: https://github.com/ex-aws?q=service&type=&language=
ExAws v2.0 breaks out every service into its own package. To use the S3
service, you need both the core :ex_aws
package as well as the :ex_aws_s3
package.
As with all ExAws services, you'll need a compatible HTTP client (defaults to
:hackney
) and whatever JSON or XML codecs needed by the services you want to
use. Consult individual service documentation for details on what each service
needs.
defp deps do
[
{:ex_aws, "~> 2.1"},
{:ex_aws_s3, "~> 2.0"},
{:hackney, "~> 1.9"},
{:sweet_xml, "~> 0.6"},
]
end
With these deps you can use ExAws
precisely as you're used to:
# make a request (with the default region)
ExAws.S3.list_objects("my-bucket") |> ExAws.request()
# or specify the region
ExAws.S3.list_objects("my-bucket") |> ExAws.request(region: "us-west-1")
# some operations support streaming
ExAws.S3.list_objects("my-bucket") |> ExAws.stream!() |> Enum.to_list()
ExAws requires valid AWS keys in order to work properly. ExAws by default does the equivalent of:
config :ex_aws,
access_key_id: [{:system, "AWS_ACCESS_KEY_ID"}, :instance_role],
secret_access_key: [{:system, "AWS_SECRET_ACCESS_KEY"}, :instance_role]
This means it will try to resolve credentials in order:
- Look for the AWS standard
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
environment variables - Resolve credentials with IAM
- If running inside ECS and a task role has been assigned it will use it
- Otherwise it will fall back to the instance role
AWS CLI config files are supported, but require an additional dependency:
{:configparser_ex, "~> 4.0"}
You can then add {:awscli, "profile_name", timeout}
to the above config and
it will pull information from ~/.aws/config
and ~/.aws/credentials
Alternatively, if you already have a profile name set in the AWS_PROFILE
environment
variable, you can use that with {:awscli, :system, timeout}
config :ex_aws,
access_key_id: [{:system, "AWS_ACCESS_KEY_ID"}, {:awscli, "default", 30}, :instance_role],
secret_access_key: [{:system, "AWS_SECRET_ACCESS_KEY"}, {:awscli, "default", 30}, :instance_role]
For role based authentication via role_arn
and source_profile
an additional
dependency is required:
{:ex_aws_sts, "~> 2.0"}
Further information on role based authentication is provided in said dependency.
Alternatively, you can also provide AWS_SESSION_TOKEN
to security_token
to authenticate
with session token:
config :ex_aws,
access_key_id: {:system, "AWS_ACCESS_KEY_ID"},
security_token: {:system, "AWS_SESSION_TOKEN"},
secret_access_key: {:system, "AWS_SECRET_ACCESS_KEY"}
ExAws by default uses hackney to make HTTP requests to AWS API. You can modify the options as such:
config :ex_aws, :hackney_opts,
follow_redirect: true,
recv_timeout: 30_000
You can set the region used by default for requests.
config :ex_aws,
region: "us-west-2",
Alternatively, the region can be set in an environment variable:
config :ex_aws,
region: {:system, "AWS_REGION"}
The default JSON codec is Jason. You can choose a different one:
config :ex_aws,
json_codec: Poison
Paths that include multiple consecutive /'s will by default be normalized to a single slash. There are cases when paths need to be literal (S3) and this normalization behaviour can be turned off via configuration:
config :ex_aws,
normalize_path: false
ExAws can also be used directly without any specific service module.
You need to figure out how the API of the specific AWS service works, in particular:
- Protocol (JSON or query).
- Path (depends on the service and the specific operation, usually "/").
- Service name (used to generate the request signature, as described here).
- Request body, query params, HTTP method, and headers (depends on the service and specific operation).
You can look for this information in the service's API reference at
docs.aws.amazon.com or, for example,
in the Go SDK API models at github.com/aws/aws-sdk-go (look for a api-*.json
file).
The protocol dictates which operation module to use for the request. If the
protocol is JSON, use ExAws.Operation.JSON
, if it's query, use
ExAws.Operation.Query
.
action = :describe_clusters
action_string = action |> Atom.to_string |> Macro.camelize
operation =
%ExAws.Operation.Query{
path: "/",
params: %{"Action" => action_string},
service: :redshift,
action: action
}
ExAws.request(operation)
data = %{
taskDefinition: "hello_world",
launchType: "FARGATE",
networkConfiguration: %{
awsvpcConfiguration: %{
subnets: ["subnet-1a2b3c4d", "subnet-4d3c2b1a"],
securityGroups: ["sg-1a2b3c4d"],
assignPublicIp: "ENABLED"
}
}
}
operation =
%ExAws.Operation.JSON{
http_method: :post,
headers: [
{"x-amz-target", "AmazonEC2ContainerServiceV20141113.RunTask"},
{"content-type", "application/x-amz-json-1.1"}
],
path: "/",
data: data,
service: :ecs
}
ExAws.request(operation)
- Easy configuration.
- Minimal dependencies. Choose your favorite JSON codec and HTTP client.
- Elixir streams to automatically retrieve paginated resources.
- Elixir protocols allow easy customization of Dynamo encoding / decoding.
- Simple. ExAws aims to provide a clear and consistent elixir wrapping around AWS APIs, not abstract them away entirely. For every action in a given AWS API there is a corresponding function within the appropriate module. Higher level abstractions like the aforementioned streams are in addition to and not instead of basic API calls.
That's it!
ExAws will retry failed AWS API requests using exponential backoff per the "Full Jitter" formula described in https://www.awsarchitectureblog.com/2015/03/backoff.html
The algorithm uses three values, which are configurable:
# default values shown below
config :ex_aws, :retries,
max_attempts: 10,
base_backoff_in_ms: 10,
max_backoff_in_ms: 10_000
max_attempts
is the maximum number of possible attempts with backoffs in between each onemax_attempts_client
may be set to a different value for client errors (4xx) (default ismax_attempts
)base_backoff_in_ms
corresponds to thebase
value described in the blog postmax_backoff_in_ms
corresponds to thecap
value described in the blog post
If you want to run mix test
, you'll need to have a local dynamodb
running
on port 8000:
docker run --rm -d -p 8000:8000 amazon/dynamodb-local -jar DynamoDBLocal.jar -port 8000
For more info please see Setting up DynamoDB Local.
The redirect test will intentionally cause a warning to be issued.
The MIT License (MIT)
Copyright (c) 2014-2020 CargoSense, Inc.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.