lakefs.config module

Client configuration module

class lakefs.config.ClientConfig(verify_ssl=None, proxy=None, **kwargs)[source]

Bases: Configuration

Configuration class for the SDK Client. Instantiation will try to get authentication methods using the following chain:

  1. Provided kwargs to __init__ func (should contain necessary credentials as defined in lakefs_sdk.Configuration)

  2. Use LAKECTL_SERVER_ENDPOINT_URL, LAKECTL_ACCESS_KEY_ID and LAKECTL_ACCESS_SECRET_KEY if set

  3. Try to read ~/.lakectl.yaml if exists

  4. Use IAM role from current machine (using AWS IAM role will work only with enterprise/cloud)

This class also encapsulates the required lakectl configuration for authentication and used to unmarshall the lakectl yaml file.

class AWSIAMProviderConfig(token_ttl_seconds, url_presign_ttl_seconds, token_request_headers)[source]

Bases: object

lakectl configuration’s credentials block

token_request_headers: Optional[Dict]
token_ttl_seconds: int
url_presign_ttl_seconds: int
class AuthType(value)[source]

Bases: Enum

Enum for the supported authentication types

CREDENTIALS = 2
IAM = 3
SESSION_TOKEN = 1
class Credentials(**kwargs)[source]

Bases: LenientNamedTuple

lakectl configuration’s credentials block

access_key_id: str
secret_access_key: str
class IAMProvider(type, aws_iam)[source]

Bases: object

An IAM authentication provider

aws_iam: Optional[AWSIAMProviderConfig]
type: ProviderType
class ProviderType(value)[source]

Bases: Enum

Enum for the supported authentication provider types

AWS_IAM = 'aws_iam'
UNKNOWN = 'unknown'
class Server(**kwargs)[source]

Bases: LenientNamedTuple

lakectl configuration’s server block

endpoint_url: str
access_token = None

Access token

credentials = Credentials()
get_auth_type()[source]

Returns the type of authentication used: either SessionToken, Credentials, or IAMProvider ORDER MATTERS! SessionToken > Credentials > IAMProvider. self._iam_provider will be none if Session Token auth is used. self.access_token will be populated for both Session Token and IAMProvider auth, therefore it’s tested after self._iam_provider. :rtype: Optional[AuthType] :return: ClientConfig.AuthType

property iam_provider: IAMProvider | None

Returns the IAM provider used for authentication. :return: ClientConfig.IAMProvider

password = None

Password for HTTP basic authentication

server = Server()
username = None

Username for HTTP basic authentication