You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Alex Williams 8f7d25978a
Declare library as stable
5 months ago
.github/workflows Declare library as stable 5 months ago
test Add unit tests and separate library commands from cli tool 2 years ago
.gitignore Add unit tests and separate library commands from cli tool 2 years ago
CHANGELOG.md Declare library as stable 5 months ago
LICENSE Support plaintext requests 10 months ago
Makefile Declare library as stable 5 months ago
README.md Declare library as stable 5 months ago
awscurl.l Declare library as stable 5 months ago
libawscurl.l Fix uploads and update docs and version info 10 months ago
module.l Declare library as stable 5 months ago
test.l Add 'native' support for faster AWS requests 10 months ago

README.md

PicoLisp AWS CLI tool using OpenSSL and Curl

This command line tool can be used to sign AWS Signature Version 4 requests and make calls to various AWS APIs.

GitHub release Dependency Build status

  1. Requirements
  2. Usage
  3. Options
  4. Contributing
  5. Thanks
  6. Why
  7. License

Requirements

  • picolisp: 32-bit or 64-bit v3.1.11+, tested up to PicoLisp v20.6.29 and pil21, see test runs
  • libcrypto.so: for using --native functions with PicoLisp v17.12+
  • picolisp-unit: v3.0.0+ for testing the library
  • openssl: v1.0.0+ for signing and hashing strings
  • curl: for sending requests to the AWS APIs

Notes

The file libawscurl.l can be included as a library, rather than using the command line awscurl.l. Function are prefixed with awscurl- and variables are prefixed with *Aws_.

Stability

This library is now declared stable and should be suitable for use in production environments.

Usage

WARNING

There is no validation on command line arguments. Be careful the input you provide. See issue #1

Environment variables

The following environment variables are used:

  • AWS_PROFILE: Default: default
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_SESSION_TOKEN or AWS_SECURITY_TOKEN (deprecated)

If any of those environment variables are not set, the values will be read from $HOME/.aws/credentials using the [default] or $AWS_PROFILE profile.

Examples

  • Call S3: List bucket content
./awscurl.l --service s3 --request PUT --data @myfile.json --header 'content-type' 'application/json' --host awscurl-sample-bucket.s3.amazonaws.com --region us-east-1 --endpoint '/bucket/myfile.json'
# NOTE: for files > 1KB, disable Expect header with: --header Expect ""
  • Call EC2 (DescribeRegions):
./awscurl.l --query 'Action=DescribeRegions&Version=2013-10-15'
  • Call EC2 (ImportKeyPair):
./awscurl.l --service ec2 --region ap-northeast-1 --host ap-northeast-1.ec2.amazonaws.com --query 'Action=ImportKeyPair&KeyName=my-key&Version=2016-11-15' --request POST --data 'PublicKeyMaterial=c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDMkxIRitwY1g3ZmRtVWZRMm53TUt5ZmQ5ZktFQWVaY2dOblB5UDhCdmZnTGtSREZsZjV5ODR5Q09UbWdlS05Fd2Y1Ujhoei9ySmNwVEpNcURNS0pnS29qWVp5bWNTYzhROFpsY3lQdm5BYXZ5UEJVdUZYbUZMRDlpckNBcXREK3cxSEFpaVNlZyszdXN1VC9Vc1NKNWNOU3g4em5lSVhmMW9aSzJHQmswck90cEtwVy94c3gyNnNtUWNQWkxCMVYxSVc5NmRkbm1kUTNtQU1RNndPVUtSMytwckRWN2dhc2xOUjVTdkdaZnFreGpaUHNXcFNGRFlqN3I3WkU5MjB3YjIrT1RHQ1NIa21maUlDNVI3REdrUEc3emhEbk1yMHVlb3Qra1JRNjE4bklvQTVDeFhiaHdJalFYVTRFYjl3YVZsaXhmeGpmY1hjZGcwSEMyRnc5SHAgYWxleAo='
  • Call API Gateway:
./awscurl.l --service execute-api --data '{"test":"json"}' --host '<prefix>.execute-api.us-east-1.amazonaws.com' --endpoint '/<resource>'

Options

Usage:		./awscurl.l [options]

Options:
  --help                    Show this help message and exit

  --data <data>             HTTP POST data (default: None)
  --endpoint <endpoint>     The API endpoint of the AWS service (default: /)
  --header <key> <value>    HTTP header data (default: None)
  --host <host>             The Host of the AWS service (default: ec2.amazonaws.com)
  --native                  Use faster 'native' calls for hashing data (64-bit version only, default: False)
  --output <file>           Filename where data should be output (default: STDOUT)
  --protocol http|https     Protocol for talking to AWS (default: https)
  --query <query>           The Query parameters of the AWS service (default: None)
  --region <region>         AWS region (default: us-east-1)
  --request <method>        Specify request method to use (default: GET)
  --service <service>       AWS service (default: ec2)
  --verbose                 Verbose flag (default: False)

Contributing

If you find any bugs or issues, please create an issue.

If you want to improve this tool, please make a pull-request.

Thanks

  • This tool was heavily inspired by Python awscurl
  • Thanks to Łukasz Adamczak for the wonderful article explaining the intricacies of AWS Signature Version 4 with simple curl/openssl/bash

Why

Q: Why not use awscli, boto, awscurl, Ansible, Packer, or one of many other available AWS SDKs?

A: Size. It seems every single tool in existence is incredibly bloated and contains too many dependencies, too many features, and too much complexity. I really just wanted to make a handful of EC2 calls from the command-line. This tool is slightly more flexible than what I needed, but it works without any external dependencies other than what's already deployed on most Linux systems. For comparison, Python awscurl and its dependencies are ~18MB, whereas this PicoLisp awscurl is ~8KB on disk.

License

MIT License

Copyright (c) 2018-2020 Alexander Williams, Unscramble license@unscramble.jp