Skip to content
main
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

S3 Curl tool with IAM role support

Bash script to wrap the AWS s3curl.pl utility allowing access to S3 buckets via an EC2 assigned IAM role (instance profile).

Upon first call will automatically fetch required IAM role credentials from the http://169.254.169.254/ endpoint and generate a ~/.s3curl config for use by s3curl.pl which includes the IAM instance profile access token used by s3curliamrole.sh.

Install & usage

# example placement of s3curliamrole.sh/s3curl.pl scripts somewhere public
$ curl -s https://s3.amazonaws.com/BUCKET-NAME/public/s3curliamrole.tgz | tar -xz
$ ./s3curliamrole.sh -s https://s3.amazonaws.com/BUCKET-NAME/path/to/file.ext

Executing via CloudInit / user-data

If calling the script via EC2 user-data (I would think this is a common scenario), you will find (with Ubuntu AMI images at least) that the $HOME environment variable will not be defined this early in the instances bootstrap which will cause issues with both s3curliamrole.sh and s3curl.pl.

Since user-data executes as root, you can combat this by placing the following lines at the start of your user-data scripts:

#!/bin/bash -e

# setting $HOME since not available yet when run via CloudInit
HOME="/root"
export HOME

Reference

About

Bash script to wrap the popular AWS s3curl.pl utility and allowing the use of EC2 assigned IAM role permissions.

Topics

Resources

License