s3
objects
$ aws s3 ls s3://mybucketname/
$ aws s3 cp testfile.txt s3://mybucketname/
$ aws s3 cp s3://mybucketname/testfile.txt testfile2.txt
$ aws s3 rm s3://mybucketname/testfile.txt
bucket
$ aws s3api list-buckets
$ aws s3api list-buckets --query 'Buckets[?Name == `mybucketname`]'
$ aws s3api create-bucket --bucket mybucketname --region ap-northeast-1 --create-bucket-configuration LocationConstraint=ap-northeast-1
$ aws s3api delete-bucket --bucket mybucketname
default encryption for a bucket
$ aws s3api get-bucket-encryption --bucket mybucketname
$ aws s3api put-bucket-encryption --bucket mybucketname \
--server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}'
$ aws s3api head-object --bucket mybucketname --key testfile.txt
$ aws s3api get-public-access-block --bucket mybucketname
$ aws s3api put-public-access-block --bucket mybucketname \
--public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"
versioning
enable and disable versioning for a bucket
$ aws s3api get-bucket-versioning --bucket mybucketname
$ aws s3api put-bucket-versioning --bucket mybucketname --versioning-configuration '{"Status":"Enabled"}'
$ aws s3api put-bucket-versioning --bucket mybucketname --versioning-configuration '{"Status":"Suspended"}'
list object versions
$ aws s3api list-object-versions --bucket mybucketname --prefix testfile.txt
$ aws s3api list-object-versions --bucket mybucketname --prefix testfile.txt --query 'Versions[?IsLatest==`true`].VersionId'
remove all versions for a file (When a file remains in a bucket, you can not delete the bucket)
$ delete_objects=$(aws s3api list-object-versions --bucket mybucketname --prefix testfile.txt \
> --query='{Objects: Versions[].{Key:Key,VersionId:VersionId}}')
$ aws s3api delete-objects --bucket mybucketname --delete "${delete_objects}"
bucket notification configuration
$ aws s3api get-bucket-notification-configuration --bucket bucketname
$ jq . notification.json
{
"QueueConfigurations": [
{
"Events": [
"s3:ObjectCreated:*"
],
"QueueArn": "arn:aws:sqs:<region>:<id>:<queuename>",
"Filter": {
"Key": {
"FilterRules": [
{
"Name": "prefix",
"Value": "input/"
}
]
}
}
}
]
}
$ aws s3api put-bucket-notification-configuration --bucket bucketname --notification-configuration file://notification.json
Before configure bucket notification, add policy to SQS queue like below
{
"Version": "2012-10-17",
"Id": "arn:aws:sqs:<region>:<id>:<queuename>/<policyname>",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "sqs:SendMessage",
"Resource": "arn:aws:sqs:<region>:<id>:<queuename>",
"Condition": {
"ArnEquals": {
"aws:SourceArn": "arn:aws:s3:::<bucketname>"
}
}
}
]
}
sample cloudformation template
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
BucketName:
Type: String
Resources:
MyPrivBucket:
Type: AWS::S3::Bucket
DeletionPolicy: Retain
Properties:
BucketName: !Ref BucketName
PublicAccessBlockConfiguration:
BlockPublicAcls: True
BlockPublicPolicy: True
IgnorePublicAcls: True
RestrictPublicBuckets: True
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
VersioningConfiguration:
Status: "Enabled"
Tags:
- "Key": "Name"
"Value": "test"
boto3 client
file operation
import boto3
import sys
bucket = "mybucketname"
try:
s3_client = boto3.client('s3')
s3_client.upload_file('testfile.txt', bucket, 'dirname/uploaded.txt')
s3_client.download_file(bucket, 'dirname/uploaded.txt', 'downloaded.txt')
s3_client.delete_object(Bucket = bucket, Key='dirname/uploaded.txt')
except:
print ("error")
sys.exit()
bucket operation
import boto3
import sys
bucket = "mybucketname"
try:
s3_client = boto3.client('s3')
# list buckets
response = s3_client.list_buckets()
for i in response.get('Buckets'):
print(i.get('Name'))
# delete a bucket
response = s3_client.delete_bucket(
Bucket=bucket
)
print(response)
except Exception as e:
print (e)
sys.exit()