BotoConfig

Site and user configuration of boto.
Featured

Updated Feb 4, 2010 by Mitch.Ga...@gmail.com

Introduction

There is a growing list of configuration options for the boto library. Many of these options can be passed into the constructors for top-level objects such as connections. Some options, such as credentials, can also be read from environment variables (e.g. AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY). But there is no central place to manage these options. So, the development version of boto has now introduced the notion of boto config files.

Details

A boto config file is simply a .ini format configuration file that specifies values for options that control the behavior of the boto library. Upon startup, the boto library looks for configuration files in the following locations and in the following order:

/etc/boto.cfg - for site-wide settings that all users on this machine will use
~/.boto - for user-specific settings

The options are merged into a single, in-memory configuration that is available as boto.config. The boto.pyami.config class is a subclass of the standard Python SafeConfigParser object and inherits all of the methods of that object. In addition, the boto.pyami.config class defines additional methods that are described on the PyamiConfigMethods page.

Sections

The following sections and options are currently recognized within the boto config file.

Credentials

The Credentials section is used to specify the AWS credentials used for all boto requests. The order of precedence for authentication credentials is:

Credentials passed into Connection class constructor.
Credentials specified by environment variables
Credentials specified as options in the config file.

This section defines the following options:

aws_access_key_id

Your AWS access key

aws_secret_access_key

Your AWS secret access key

Example

[Credentials]
aws_access_key_id = <your access key>
aws_secret_access_key = <your secret key>

Boto

The Boto section is used to specify options that control the operaton of boto itself. This section defines the following options:

debug

Controls the level of debug messages that will be printed by the boto library. The following values are defined:
        0 - no debug messages are printed
        1 - basic debug messages from boto are printed
        2 - all boto debugging messages plus request/response messages from httplib

proxy

The name of the proxy host to use for connecting to AWS.

proxy_port

The port number to use to connect to the proxy host.

proxy_user

The user name to use when authenticating with proxy host.

proxy_pass

The password to use when authenticating with proxy host.

num_retries

The number of times to retry failed requests to an AWS server. If boto receives an error from AWS, it will attempt to recover and retry the request. The default number of retries is 5 but you can change the default with this option.

Examples

[Boto]
debug = 0
num_retries = 10

proxy = myproxy.com
proxy_port = 8080
proxy_user = foo
proxy_pass = bar

Comment by mblo...@gmail.com, Sep 29, 2008

You may want to do your own retries, say to log errors. You can do that in your code without affecting (or creating) the config file:

if not boto.config.has_section('Boto'):
boto.config.add_section('Boto')
boto.config.set('Boto', 'num_retries', '0')

Naturally, that applies to any parameter you want to change locally.

Comment by Matthew....@gmail.com, Oct 14, 2008

Hi,

1. Where should you stick boto.cfg on a WindowsXP box? 2. Can you tell boto where to find boto.cfg if it isn't in a standard directory?

Comment by mjunaid...@gmail.com, Nov 4, 2008

Hi,

raise self.ResponseError?(response.status, response.reason, body)

boto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized <?xml version="1.0"?> <Response><Errors><Error><Code>AuthFailure</Code><Message>AWS was not able to validate the provided access credentials</Message></Error></Errors><RequestID>15232c56-6992-4fe6-8f77-8c42a3a3c096</RequestID></Response>

This is the error when I try to run the boto file on linux machine, The system has: Python 2.3.4 (#1, Jul 25 2008, 14:23:21) [GCC 3.4.6 20060404 (Red Hat 3.4.6-10)] on linux2

Is this due to the version problem? because the credentials are all ok and the same file is running at my Windows System. I just copied the finger print ppk file and the two .pem files to the linux machine from my Windows is it ok or am I supposed to create a new key pair file ? if so can you please tell me how to ?

Is their any tutorial available on setting up Boto from scratch on linux system in step by step manner?

Comment by joao.ped...@gmail.com, May 22, 2011

For those who want to configure the credentials in Windows:

1-Create your file with the name you want(e.g boto_config.cfg) and place it in a location of your choise(e.g C:\Users\<your_account_name>\configs).

2- Create an environment variable with the Name='BOTO_CONFIG' and Value= file_locatio/file_name

3- Boto is now ready to work with credentials automatically configured!

(to create environment variables in Windows fllow this tutorial: http://www.onlinehowto.net/Tutorials/Windows-7/Creating-System-Environment-Variables-in-Windows-7/1705)

Comment by ma...@snaplogic.com, Nov 20, 2011

IMHO the location of the 'personal' config file is a Bad Idea - it should follow standard Linux convention and store the file inside an app/service specific .dot dir:

~/.boto/boto.cfg

~/.boto/botorc (if you are concerned there may be confusing names with /etc/boto.cfg)

Comment by analo...@gmail.com, Dec 3, 2011

There is no GNU/Linux convention about storing config files inside a specific .doc folder. It's only helping when an app use more than 1 config file e.g. ssh.

A simple ~/.boto file is perfect.

Comment by garlan...@gmail.com, Jan 12, 2012

I would like to see use of private keys for connection instead of access id

Comment by alexandr...@gmail.com, Jan 26, 2012

Guys,

Boto is not working on my Windows machine behind a secured proxy. The proxy parameters are loaded correctly but I still get following error. Any hint please? Thanks!

>>> boto.ec2.regions()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\ec2\__init__.py", line 39, in regions
  return c.get_all_regions()
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\ec2\connection.py", line 2315, in get_all_regions
  [('item', RegionInfo)], verb='POST')
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\connection.py", line 862, in get_list
  response = self.make_request(action, params, path, verb)
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\connection.py", line 848, in make_request
  return self._mexe(http_request)
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\connection.py", line 721, in _mexe
  connection = self.get_http_connection(request.host, self.is_secure)
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\connection.py", line 596, in get_http_connection
  return self.new_http_connection(host, is_secure)
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\connection.py", line 608, in new_http_connection
  connection = self.proxy_ssl()
File "C:\Python26\lib\site-packages\boto-2.1.1-py2.6.egg\boto\connection.py", line 682, in proxy_ssl
  sslSock = httplib.ssl.SSLSocket(sock)
File "C:\Python26\lib\ssl.py", line 120, in __init__
  self.do_handshake()
File "C:\Python26\lib\ssl.py", line 279, in do_handshake
  self._sslobj.do_handshake()
ssl.SSLError: [Errno 8] _ssl.c:490: EOF occurred in violation of protocol

Comment by greenber...@gmail.com, Mar 29, 2012

I can run my boto based app by passing the two keys in as arguments to boto.connect_ec2() but not when they are in the .boto file. Strace tells me that the .boto file is being opened and read, but I still get the usual 401 exception.

boto? debug=2 Credentials? aws_access_key_id = 'A.,....Q' aws_secret_access_key = 'f7p.....g'

My boto file is ~/.boto and is permissioned 600. My app is also in my home directory.

I just don't get it.

► Sign in to add a comment