AWS CLI
AWS CLI (AWS Command Line Interface) is a command line interface for working with AWS services.
Customize the AWS CLI
Set up access
Access can be configured by a user with role Account Owner or User Administrator.
- Create a service user с a role with access to object storage. If you are using a user with the Object Storage User role, the container must be configured with the access policy.
- Issue an S3 key to the user.
Install the client
Use the instructions Install or update to the latest version of the AWS CLI Amazon documentation.
Create an AWS CLI configuration
-
Open the terminal.
-
Open the configuration mode:
aws configure -
Enter
AWS Access Key ID— field value Access key from S3 key. -
Enter
AWS Secret Access Key— field value Secret key from the S3 key. -
Enter
Default region name— pool, in which the object store is located (e.g.,ru-1). -
The settings will be saved in the configuration files:
-
credentials in
.aws/credentials:[default]
aws_access_key_id = <access_key>
aws_secret_access_key = <secret_key> -
default pool in
.aws/config:[default]
region = <pool>
-
-
If you want to use Virtual-Hosted addressing into the configuration file
.aws/configadd a parameter:[default]
s3 =
addressing_style = virtual
Check the certificate
Ubuntu/Debian
CentOS
Windows
-
make sure that your system has the latest version of the package
ca-certificates:export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt -
or upgrade the package
certifito the latest version (certifi==2024.2.2):pip install certifi
-
make sure that your system has the latest version of the package
ca-certificates:export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt -
or upgrade the package
certifito the latest version (certifi==2024.2.2):pip install certifi
-
Make sure you are using the latest version of the AWS CLI, see the instructions for more details Install or update to the latest version of the AWS CLI Amazon documentation.
-
Download a new root certificate
globalsign: on GlobalSign website Select R6 GlobalSign Root Certificate. -
Start the AWS CLI with the flag
--ca-bundlefor example:aws s3 ls --profile=selectel --endpoint-url=https://s3.storage.selcloud.ru --ca-bundle=<path>Specify
<path>— file path.pem.
Working with AWS CLI
For the syntax of the commands, see the instructions AWS Amazon documentation.
To work with object storage through the AWS CLI, use:
- s3api — commands corresponding to operations in the REST API;
- s3 — additional commands that simplify work with a large number of objects.
When you run the command aws mandatory parameter --endpoint-url=https://<s3_domain>where <s3_domain> — S3 API domain depends on pool where the object storage is located.
Create a container
Create a container:
aws --endpoint-url=https://<s3_domain> s3 mb s3://<container_name>
Specify:
<s3_domain>— S3 API domain depends on pool where the object storage is located;<container_name>— the name of the new container.
View list of objects
Check out the list of facilities:
aws --endpoint-url=https://<s3_domain> s3 ls --recursive s3://<container_name>
Specify:
<s3_domain>— S3 API domain depends on pool where the object storage is located;<container_name>— container name.
Load object
Upload the files to the repository:
aws --endpoint-url=https://<s3_domain> s3 cp <object_name> s3://<container_name>/
Specify:
<s3_domain>— S3 API domain depends on pool where the object storage is located;<object_name>— object name;<container_name>— container name.
Delete object
Delete the object:
aws --endpoint-url=https://<s3_domain> s3 rm s3://<container_name>/<object_name>
Specify:
<s3_domain>— S3 API domain depends on pool where the object storage is located;<container_name>— container name;<object_name>— object name.