Encrypting command-line client for Amazon Glacier.
Project description
icebox
Encrypting command-line client for Amazon Glacier.
This command-line client lets you store files and directories in Amazon Glacier. All data is encrypted using GnuPG before being uploaded and no original filenames will be visible remotely.
Requirements
- AWS credentials with write access to Glacier
- GnuPG public/private keypair
Setup
AWS credentials
Configure AWS credentials as described in the Boto documentation. The credentials should have write access to the Glacier vaults you plan to use. See the example IAM policy for recommended permissions.
GnuPG keypair
Create a keypair for icebox and make a note of the ID. Retrieval operations can take a long time, so you should make sure the keypair stays accessible, i.e. no password prompts blocking the operation.
Install icebox
Install icebox using pip (or pipsi):
pip install icebox
Usage
Create a new box
Create the box mybox for a Glacier vault called myvault like this:
icebox init mybox 0xMYKEYID glacier myvault
If your AWS credentials are not in the default profile, use the --profile
option:
icebox init mybox 0xMYKEYID glacier myvault --profile icebox
Store data in a box
To store a file or directory, simply specify its location:
icebox put myvault cat-pictures/grumpy.jpg
Retrieve data from a box
There are no directories in boxes, so you just specify the original name of the source and a destination:
icebox get myvault grumpy.jpg ~/Desktop
Standard retrievals can take a long time. To perform an Expedited
retrieval, use the Tier option:
icebox get myvault grumpy.jpg ~/Desktop -o Tier=Expedited
Retrieval operations are tracked by icebox, so you can interrupt a waiting retrieval and request the same source again later.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.