All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Adds support for providing a non-aws partition value
Adds py.typed file to behave properly for mypy.
Replaces 1.7.0 which was yanked from pypi after an accidental Python version bump was released - reverted in 1.7.1
- This release fixes a regression around how
target_idsare handled. Iftarget_idswere provided as[], the intent is no accounts would be targeted. However, this was being treated asNoneand if in an Organization context, would return all Organization accounts instead.
We are releasing this as a minor version bump in case anyone has ended up with this misbehaviour as a dependency, but hopefully this will not be a breaking change for anyone.
target_idsis now typechecked to assert is correctly formed aslist[str], a list with more than one string.
- Botocove now supports an external id argument that will be passed to each Cove
session's
sts.assume_role()call
- Botocove now has a simple typecheck for the account_ids kwarg to assert a list has been provided rather than a string.
- Removed references to
org_masterkwarg and added deprecration warning
- Botocove now has a simple typecheck for the regions kwarg to assert a list has been provided rather than a string.
- Botocove no longer calls DescribeAccount per account when running in an AWS organization.
org_masteris now a deprecated kwarg: Botocove will optimistically check for permission to an AWS Organization to list accounts, and fall back to not adding metadata to CoveSession.
- Botocove's progress bar in TTY mode is now incremental as each account function returns rather than blocking on slowest thread in a batch.
- Botocove now supports AWS Organizational Unit IDs as a target and ignore ID. Child accounts and OUs will be recursively discovered and targeted for the passed OU ID.
- Botocove now supports a regions argument, allowing sessions to be run across one or many regions per account
- Reverted internal handling of output data to a dictionary rather than dataclass: issues with recursive copy required to output dataclass as dict.
- thread_workers argument
- Memory leak when running in large organizations: botocove now allows completed Session objects to be garbage collected
- Support for Policy and PolicyArn restriction on assumed roles
- Progress bar when running in TTY environment
- Strong typing: refactor underlying code without changing external behaviour
- Moved to simpler threading behaviour
- Fixed missing RoleSessionName when not using Cove's organisation master session information enrichment
- Use of async.io loop
- Added option to set a custom
RoleSessionNameparameter insts.assume_role()calls for thecovedecorator.
- Fixed bug where a large amount of accounts would cause the AWS DescribeAccount api to throttle and throw an exception
- Added option to set a custom
RoleSessionNameparameter insts.assume_role()calls for thecovedecorator.
- Add a TypedDict for CoveOutput
- Fixed bug where passing empty list to target IDs would fetch all org accounts.
- Improved fixture breaking Boto3 credentials in tests
- Support for assuming roles from accounts that are not AWS Organization masters via the org_master=False argument.
- Changelog!
- Add full typing and mypy to linting CI
- Defensive typing around
ignore_ids
- Moved to LGPLv3 licencing
- Fixed bug where Organization Master would not filter it's own account ID out.
- First release