Resolving #80 .

Netflix · May 20, 2019 · 7ca78b4 · 7ca78b4
1 parent 5d92a03
commit 7ca78b4
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -52,7 +52,7 @@ Run the tests:
 To deploy an AWS Lambda Function, you need to provide a .zip with the code and all dependencies.
 The .zip must contain your lambda code and configurations at the top level of the .zip.  The BLESS
 Makefile includes a publish target to package up everything into a deploy-able .zip if they are in
-the expected locations.
+the expected locations.  You will need to setup your own Python 3.7 lambda to deploy the .zip to.
 
 ### Compiling BLESS Lambda Dependencies
 To deploy code as a Lambda Function, you need to package up all of the dependencies.  You will need to
@@ -140,6 +140,8 @@ random from kms (kms:GenerateRandom) and permissions for logging to CloudWatch L
 ## Using BLESS
 After you have [deployed BLESS](#deployment) you can run the sample [BLESS Client](bless_client/bless_client.py)
 from a system with access to the required [AWS Credentials](http://boto3.readthedocs.io/en/latest/guide/configuration.html).
+This client is really just a proof of concept to validate that you have a functional lambda being called with valid
+IAM credentials. 
 
     (venv) $ ./bless_client.py region lambda_function_name bastion_user bastion_user_ip remote_usernames bastion_source_ip bastion_command <id_rsa.pub to sign> <output id_rsa-cert.pub>
 

diff --git a/bless_client/bless_client.py b/bless_client/bless_client.py
@@ -32,16 +32,16 @@
         obtained by appending -cert.pub to identity filenames" e.g.  the <id_rsa.pub to sign>.
 """
 import json
+import os
 import stat
 import sys
 
 import boto3
-import os
 
 
 def main(argv):
     if len(argv) < 9 or len(argv) > 10:
-        print (
+        print(
             'Usage: bless_client.py region lambda_function_name bastion_user bastion_user_ip '
             'remote_usernames bastion_ips bastion_command <id_rsa.pub to sign> '
             '<output id_rsa-cert.pub> [kmsauth token]')
@@ -71,7 +71,7 @@ def main(argv):
     print('{}\n'.format(response['ResponseMetadata']))
 
     if response['StatusCode'] != 200:
-        print ('Error creating cert.')
+        print('Error creating cert.')
         return -1
 
     payload = json.loads(response['Payload'].read())