awscli S3 bucket-policy plugin
Project description
aws-plugin-bucket-policy
AWS CLI plugin - bucket policy admin tool
Installation
-
Dependencies: python3-minimal python3-pip mandoc groff-base optionally: python3-venv
-
Optionally start virtualenv:
python3 -m venv venv; . venv/bin/activate
-
pip install poetry pytest awscli_plugin_endpoint
-
Build & Install aws-plugin-bucket-policy with poetry:
wget https://github.com/CESNET/aws-plugin-bucket-policy/archive/refs/heads/main.zip
unzip main.zip
cd aws-plugin-bucket-policy-main
poetry build
cd dist
tar -xvf aws_plugin_bucket_policy-X.Y.Z.tar.gz
pip install --user aws_plugin_bucket_policy-X.Y.Z/
or in virtualenv without --user
:
pip install aws_plugin_bucket_policy-X.Y.Z/
Configuration
- aws config
.aws/config
:
[profile profile_name]
output = text
s3 =
endpoint_url = ENDPOINT_URL
s3api =
endpoint_url = ENDPOINT_URL
s3bucket-policy =
endpoint_url = ENDPOINT_URL
[plugins]
s3bucket-policy = aws_plugin_bucket_policy
endpoint = awscli_plugin_endpoint
- S3 credentials:
.aws/credentials
:
[profile_name]
aws_access_key_id = ***
aws_secret_access_key = ***
or using environment variables: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
(without --profile
, but --endpoint ENDPOINT_URL
needed)
Help
- For help run
aws s3bucket-policy help
oraws s3bucket-policy SUBCOMMAND help
- Plugin commands manual on GitHub
Examples:
aws s3bucket-policy --profile PROFILE_NAME get-policy --bucket BUCKET_NAME
aws s3bucket-policy --profile PROFILE_NAME new-policy --bucket BUCKET_NAME --newpol-type share-w-user --newpol-spec tenant=TENANT_NAME,user=USER_NAME,action=rw
aws s3bucket-policy --profile PROFILE_NAME new-policy --bucket BUCKET_NAME --newpol-type share-w-tenant --newpol-spec tenant=TENANT_NAME,action=ro
aws s3bucket-policy --profile PROFILE_NAME new-policy --bucket BUCKET_NAME --newpol-type ro-public
aws s3bucket-policy --profile PROFILE_NAME put-policy --bucket BUCKET_NAME --policy POLICY_FILE.json
aws s3bucket-policy --profile PROFILE_NAME delete-policy --bucket BUCKET_NAME
Docker way:
Dockerfile
based on ubuntu:jammy- S3 credentials should be defined in
S3_env
as AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables: (seeS3_env.template
file)
AWS_ACCESS_KEY_ID=***
AWS_SECRET_ACCESS_KEY=***
- Usage examples:
docker build -t s3bucket-policy .
docker run -it --rm -u awscli --env-file=S3_env --name s3bucket-policy s3bucket-policy --endpoint ENDPOINT_URL get-policy --bucket BUCKET_NAME
docker run -it --rm -u awscli --env-file=S3_env --name s3bucket-policy s3bucket-policy --endpoint ENDPOINT_URL help
docker run -it --rm -u awscli --env-file=S3_env --name s3bucket-policy s3bucket-policy --endpoint ENDPOINT_URL new-policy help
docker run -it --rm -u awscli --env-file=S3_env --name s3bucket-policy s3bucket-policy --endpoint ENDPOINT_URL new-policy --bucket BUCKET_NAME --newpol-type share-w-tenant --newpol-spec tenant=TENANT_NAME,action=ro
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for aws_plugin_bucket_policy-1.0.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1930d635e62ce43c27cb5c791fc07824efc65fca7d6153460cba46bba160bd5d |
|
MD5 | 08cadb94374b680d4b6147de15cf5d4f |
|
BLAKE2b-256 | bff576884caaef1d63fd385135d7a0b0fad06ee9a86c4d9166aadf2a981ce010 |
Close
Hashes for aws_plugin_bucket_policy-1.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 12424fad4db4b59048f7db55168352253181f1bfdec4410fcfa6227b98578b61 |
|
MD5 | 252cfdc2bcd0d034e46ff2efd7a50a3d |
|
BLAKE2b-256 | 26902b9b4c9b4fe43f5fe1639650ce55b372bd17fe0c48ff18347fdf8e3b905e |