Core Utilities¶

Core utility functions used across the library.

core_utils ¶

Core AWS utility functions for building ARNs.

This module provides functions for constructing AWS ARNs for various services.

Functions¶

build_arn ¶

build_arn(
    partition: str = "aws",
    service: str | None = None,
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: str | None = None,
    resource_delim: Literal["/", ":"] = ":",
) -> str

Build an AWS ARN string.

Parameters:

Name	Type	Description	Default
`partition`	`str`	AWS partition. Defaults to "aws".	`'aws'`
`service`	`Optional[str]`	AWS service name. Defaults to "*".	`None`
`region`	`Optional[str]`	AWS region. Defaults to current region.	`None`
`account`	`Optional[str]`	AWS account ID. Defaults to current account.	`None`
`resource_id`	`Optional[str]`	Resource identifier. Defaults to "*".	`None`
`resource_type`	`Optional[str]`	Resource type prefix.	`None`
`resource_delim (Literal["/", "`		"]): Delimiter between type and ID.	required

Returns:

Type	Description
`str`	The constructed ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_arn(
    partition: str = "aws",
    service: str | None = None,
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: str | None = None,
    resource_delim: Literal["/", ":"] = ":",
) -> str:
    """Build an AWS ARN string.

    Args:
        partition (str): AWS partition. Defaults to "aws".
        service (Optional[str]): AWS service name. Defaults to "*".
        region (Optional[str]): AWS region. Defaults to current region.
        account (Optional[str]): AWS account ID. Defaults to current account.
        resource_id (Optional[str]): Resource identifier. Defaults to "*".
        resource_type (Optional[str]): Resource type prefix.
        resource_delim (Literal["/", ":"]): Delimiter between type and ID.

    Returns:
        The constructed ARN string.
    """
    service = service or "*"
    region = region if region is not None else cast(str, cdk.Aws.REGION)
    account = account if account is not None else cast(str, cdk.Aws.ACCOUNT_ID)
    resource_id = resource_id or "*"

    root_arn = f"arn:{partition}:{service}:{region}:{account}"
    if resource_type is not None:
        return f"{root_arn}:{resource_type}{resource_delim}{resource_id}"
    else:
        return f"{root_arn}:{resource_id}"

build_batch_arn ¶

build_batch_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal[
        "compute-environment",
        "job",
        "job-definition",
        "job-queue",
    ]
    | None = None,
) -> str

Build an AWS Batch ARN.

Parameters:

Name	Type	Description	Default
`region`	`Optional[str]`	AWS region.	`None`
`account`	`Optional[str]`	AWS account ID.	`None`
`resource_id`	`Optional[str]`	Resource identifier.	`None`
`resource_type`	`Optional[Literal[...]]`	Batch resource type.	`None`

Returns:

Type	Description
`str`	The constructed Batch ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_batch_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["compute-environment", "job", "job-definition", "job-queue"]
    | None = None,  # noqa: E501
) -> str:
    """Build an AWS Batch ARN.

    Args:
        region (Optional[str]): AWS region.
        account (Optional[str]): AWS account ID.
        resource_id (Optional[str]): Resource identifier.
        resource_type (Optional[Literal[...]]): Batch resource type.

    Returns:
        The constructed Batch ARN string.
    """
    return build_arn(
        service="batch",
        region=region,
        account=account,
        resource_id=resource_id,
        resource_type=resource_type,
        resource_delim="/",
    )

build_dynamodb_arn ¶

build_dynamodb_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["table"] | None = None,
) -> str

Build an AWS DynamoDB ARN.

Parameters:

Name	Type	Description	Default
`region`	`Optional[str]`	AWS region.	`None`
`account`	`Optional[str]`	AWS account ID.	`None`
`resource_id`	`Optional[str]`	Table name or resource identifier.	`None`
`resource_type`	`Optional[Literal['table']]`	DynamoDB resource type.	`None`

Returns:

Type	Description
`str`	The constructed DynamoDB ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_dynamodb_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["table"] | None = None,
) -> str:
    """Build an AWS DynamoDB ARN.

    Args:
        region (Optional[str]): AWS region.
        account (Optional[str]): AWS account ID.
        resource_id (Optional[str]): Table name or resource identifier.
        resource_type (Optional[Literal["table"]]): DynamoDB resource type.

    Returns:
        The constructed DynamoDB ARN string.
    """
    return build_arn(
        service="dynamodb",
        region=region,
        account=account,
        resource_id=resource_id,
        resource_type=resource_type,
        resource_delim="/",
    )

build_ecr_arn ¶

build_ecr_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["repository"] | None = None,
) -> str

Build an AWS ECR ARN.

Parameters:

Name	Type	Description	Default
`region`	`Optional[str]`	AWS region.	`None`
`account`	`Optional[str]`	AWS account ID.	`None`
`resource_id`	`Optional[str]`	Repository name or resource identifier.	`None`
`resource_type`	`Optional[Literal['repository']]`	ECR resource type.	`None`

Returns:

Type	Description
`str`	The constructed ECR ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_ecr_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["repository"] | None = None,
) -> str:
    """Build an AWS ECR ARN.

    Args:
        region (Optional[str]): AWS region.
        account (Optional[str]): AWS account ID.
        resource_id (Optional[str]): Repository name or resource identifier.
        resource_type (Optional[Literal["repository"]]): ECR resource type.

    Returns:
        The constructed ECR ARN string.
    """
    return build_arn(
        service="ecr",
        region=region,
        account=account,
        resource_id=resource_id,
        resource_type=resource_type,
        resource_delim="/",
    )

build_sfn_arn ¶

build_sfn_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal[
        "*", "activity", "execution", "stateMachine"
    ]
    | None = None,
) -> str

Build an AWS Step Functions ARN.

Parameters:

Name	Type	Description	Default
`region`	`Optional[str]`	AWS region.	`None`
`account`	`Optional[str]`	AWS account ID.	`None`
`resource_id`	`Optional[str]`	State machine name or resource identifier.	`None`
`resource_type`	`Optional[Literal[...]]`	Step Functions resource type.	`None`

Returns:

Type	Description
`str`	The constructed Step Functions ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_sfn_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["*", "activity", "execution", "stateMachine"] | None = None,
) -> str:
    """Build an AWS Step Functions ARN.

    Args:
        region (Optional[str]): AWS region.
        account (Optional[str]): AWS account ID.
        resource_id (Optional[str]): State machine name or resource identifier.
        resource_type (Optional[Literal[...]]): Step Functions resource type.

    Returns:
        The constructed Step Functions ARN string.
    """
    return build_arn(
        service="states",
        region=region,
        account=account,
        resource_id=resource_id,
        resource_type=resource_type,
        resource_delim=":",
    )

build_lambda_arn ¶

build_lambda_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal[
        "function", "event-source-mapping", "layer"
    ]
    | None = None,
) -> str

Build an AWS Lambda ARN.

Parameters:

Name	Type	Description	Default
`region`	`Optional[str]`	AWS region.	`None`
`account`	`Optional[str]`	AWS account ID.	`None`
`resource_id`	`Optional[str]`	Function name or resource identifier.	`None`
`resource_type`	`Optional[Literal[...]]`	Lambda resource type.	`None`

Returns:

Type	Description
`str`	The constructed Lambda ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_lambda_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["function", "event-source-mapping", "layer"] | None = None,
) -> str:
    """Build an AWS Lambda ARN.

    Args:
        region (Optional[str]): AWS region.
        account (Optional[str]): AWS account ID.
        resource_id (Optional[str]): Function name or resource identifier.
        resource_type (Optional[Literal[...]]): Lambda resource type.

    Returns:
        The constructed Lambda ARN string.
    """
    return build_arn(
        service="lambda",
        region=region,
        account=account,
        resource_id=resource_id,
        resource_type=resource_type,
        resource_delim=":",
    )

build_s3_arn ¶

build_s3_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal[
        "bucket", "object", "accesspoint", "job"
    ]
    | None = None,
) -> str

Build an AWS S3 ARN.

Note

S3 bucket and object ARNs do not include region or account.

Parameters:

Name	Type	Description	Default
`region`	`Optional[str]`	AWS region (ignored for bucket/object).	`None`
`account`	`Optional[str]`	AWS account ID (ignored for bucket/object).	`None`
`resource_id`	`Optional[str]`	Bucket name or object path.	`None`
`resource_type`	`Optional[Literal[...]]`	S3 resource type.	`None`

Returns:

Type	Description
`str`	The constructed S3 ARN string.

Source code in src/aibs_informatics_cdk_lib/common/aws/core_utils.py

def build_s3_arn(
    region: str | None = None,
    account: str | None = None,
    resource_id: str | None = None,
    resource_type: Literal["bucket", "object", "accesspoint", "job"] | None = None,
) -> str:
    """Build an AWS S3 ARN.

    Note:
        S3 bucket and object ARNs do not include region or account.

    Args:
        region (Optional[str]): AWS region (ignored for bucket/object).
        account (Optional[str]): AWS account ID (ignored for bucket/object).
        resource_id (Optional[str]): Bucket name or object path.
        resource_type (Optional[Literal[...]]): S3 resource type.

    Returns:
        The constructed S3 ARN string.
    """
    # https://docs.aws.amazon.com/AmazonS3/latest/userguide/list_amazons3.html#amazons3-resources-for-iam-policies
    # See table above to see why resource type is set to None
    if resource_type in ["bucket", "object"]:
        resource_type = None
        # ARNs for buckets and objects CANNOT have REGION information
        region = ""
        account = ""

    return build_arn(
        service="s3",
        region=region,
        account=account,
        resource_id=resource_id,
        resource_type=resource_type,
        resource_delim=":",
    )