Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

PicoLisp AWS CLI tool using OpenSSL and Curl

This command line tool can be used to sign AWS Signature Version 4 requests and make calls to various AWS APIs.

GitHub release Dependency Build status

  1. Requirements
  2. Usage
  3. Options
  4. Contributing
  5. Thanks
  6. Why
  7. License


  • picolisp: 32-bit or 64-bit v3.1.11+, tested up to PicoLisp v20.6.29 and pil21, see test runs
  • for using --native functions with PicoLisp v17.12+
  • picolisp-unit: v3.0.0+ for testing the library
  • openssl: v1.0.0+ for signing and hashing strings
  • curl: for sending requests to the AWS APIs


The file libawscurl.l can be included as a library, rather than using the command line awscurl.l. Function are prefixed with awscurl- and variables are prefixed with *Aws_.


This library is now declared stable and should be suitable for use in production environments.



There is no validation on command line arguments. Be careful the input you provide. See issue #1

Environment variables

The following environment variables are used:

  • AWS_PROFILE: Default: default

If any of those environment variables are not set, the values will be read from $HOME/.aws/credentials using the [default] or $AWS_PROFILE profile.


  • Call S3: List bucket content
./awscurl.l --service s3 --request PUT --data @myfile.json --header 'content-type' 'application/json' --host --region us-east-1 --endpoint '/bucket/myfile.json'
# NOTE: for files > 1KB, disable Expect header with: --header Expect ""
  • Call EC2 (DescribeRegions):
./awscurl.l --query 'Action=DescribeRegions&Version=2013-10-15'
  • Call EC2 (ImportKeyPair):
./awscurl.l --service ec2 --region ap-northeast-1 --host --query 'Action=ImportKeyPair&KeyName=my-key&Version=2016-11-15' --request POST --data 'PublicKeyMaterial=c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDMkxIRitwY1g3ZmRtVWZRMm53TUt5ZmQ5ZktFQWVaY2dOblB5UDhCdmZnTGtSREZsZjV5ODR5Q09UbWdlS05Fd2Y1Ujhoei9ySmNwVEpNcURNS0pnS29qWVp5bWNTYzhROFpsY3lQdm5BYXZ5UEJVdUZYbUZMRDlpckNBcXREK3cxSEFpaVNlZyszdXN1VC9Vc1NKNWNOU3g4em5lSVhmMW9aSzJHQmswck90cEtwVy94c3gyNnNtUWNQWkxCMVYxSVc5NmRkbm1kUTNtQU1RNndPVUtSMytwckRWN2dhc2xOUjVTdkdaZnFreGpaUHNXcFNGRFlqN3I3WkU5MjB3YjIrT1RHQ1NIa21maUlDNVI3REdrUEc3emhEbk1yMHVlb3Qra1JRNjE4bklvQTVDeFhiaHdJalFYVTRFYjl3YVZsaXhmeGpmY1hjZGcwSEMyRnc5SHAgYWxleAo='
  • Call API Gateway:
./awscurl.l --service execute-api --data '{"test":"json"}' --host '<prefix>' --endpoint '/<resource>'


Usage:		./awscurl.l [options]

  --help                    Show this help message and exit

  --data <data>             HTTP POST data (default: None)
  --endpoint <endpoint>     The API endpoint of the AWS service (default: /)
  --header <key> <value>    HTTP header data (default: None)
  --host <host>             The Host of the AWS service (default:
  --native                  Use faster 'native' calls for hashing data (64-bit version only, default: False)
  --output <file>           Filename where data should be output (default: STDOUT)
  --protocol http|https     Protocol for talking to AWS (default: https)
  --query <query>           The Query parameters of the AWS service (default: None)
  --region <region>         AWS region (default: us-east-1)
  --request <method>        Specify request method to use (default: GET)
  --service <service>       AWS service (default: ec2)
  --verbose                 Verbose flag (default: False)


If you find any bugs or issues, please create an issue.

If you want to improve this tool, please make a pull-request.


  • This tool was heavily inspired by Python awscurl
  • Thanks to Łukasz Adamczak for the wonderful article explaining the intricacies of AWS Signature Version 4 with simple curl/openssl/bash


Q: Why not use awscli, boto, awscurl, Ansible, Packer, or one of many other available AWS SDKs?

A: Size. It seems every single tool in existence is incredibly bloated and contains too many dependencies, too many features, and too much complexity. I really just wanted to make a handful of EC2 calls from the command-line. This tool is slightly more flexible than what I needed, but it works without any external dependencies other than what's already deployed on most Linux systems. For comparison, Python awscurl and its dependencies are ~18MB, whereas this PicoLisp awscurl is ~8KB on disk.


MIT License

Copyright (c) 2018-2020 Alexander Williams, Unscramble