AWS CLI

AWS CLI (AWS Command Line Interface) is a command line interface for working with AWS services.

Customize AWS CLI

Configure access to S3.
Install the client.
Create an AWS CLI configuration.
Install the certificate.

1. Set up access to S3

Access can be configured by the Account Owner or a user with the role of iam_admin.

Create a service user with the role with access to S3.If you use a service user with the role object_storage_user or s3.bucket.user you must have a bucket policy configured in the bucket..
Issue an S3 key to the user.

2. Install the client

Use the Install or update to the latest version of the AWS CLI documentation from Amazon.

3. Create an AWS CLI configuration

Open the terminal.
Open the configuration mode:
```
aws configure
```
Enter the AWS Access Key ID, which is the value of the Access key field from the S3 key.
Enter AWS Secret Access Key — the value of the Secret key field from the S3 key.
Enter Default region name — the pool in which S3 is located (for example, ru-1).
Enter Default output format or leave blank.
The settings will be saved in the configuration files:
- credentials in .aws/credentials:
```
[default]
aws_access_key_id = <access_key>
aws_secret_access_key = <secret_key>
```
- default pool in .aws/config:
```
[default]
   region = <pool>
```
In the .aws/config file, add the endpoint_url parameter:
```
[default]
    region = <pool>
    endpoint_url = https://<s3_domain>
```
Specify <s3_domain> — the S3 API domain for the desired pool.

4. Install the certificate

Linux/macOS
Windows

Create a folder ~/.selectels3/:
```
mkdir -p ~/.selectels3/
```

Download the certificate and place it in the ~/.selectels3/ folder:

wget https://secure.globalsign.net/cacert/root-r6.crt -O ~/.selectels3/root.crt
openssl x509 -inform der -in ~/.selectels3/root.crt -out ~/.selectels3/root.crt
chmod 600 ~/.selectels3/root.crt

In the .aws/config configuration file, add a parameter:
```
ca_bundle = ~/.selectels3/root.crt
```

Download the certificate.
Create a text file — for example, root.txt.
In the root.txt file, add the contents of the certificate in base64 format.
In the .aws/config configuration file, add a parameter:
```
ca_bundle = <path>
```
Specify <path> — the path to the root.txt file.

Working with AWS CLI

For the command syntax, see the AWS instructions in Amazon's AWS documentation.

To work with S3 through the AWS CLI, use:

s3api — commands corresponding to operations in the REST API;
s3 — additional commands that simplify work with a large number of objects.

Output the list of buckets

Bring up a list of buckets:

aws s3 ls

Create a bucket

Create a bucket:

aws s3 mb s3://<bucket_name>

Specify <bucket_name> is the name of the new bucket.

View list of objects

Check out the list of facilities:

aws s3 ls --recursive s3://<bucket_name>

Specify <bucket_name> is the name of the bucket.

Load object

Upload the files to the repository:

aws s3 cp <object_name> s3://<bucket_name>/

Specify:

<object_name> — object name;
<bucket_name> — bucket name.

Delete object

Delete the object:

aws s3 rm s3://<bucket_name>/<object_name>

Specify:

<bucket_name> — bucket name;
<object_name> — object name.