Skip to content

PicoLisp AWS CLI tool using OpenSSL and Curl

License

Notifications You must be signed in to change notification settings

aw/picolisp-awscurl

Repository files navigation

PicoLisp AWS CLI tool using OpenSSL and Curl

This command line tool can be used to sign AWS Signature Version 4 requests and make calls to various AWS APIs.

GitHub release Dependency Build status

  1. Requirements
  2. Usage
  3. Options
  4. Contributing
  5. Thanks
  6. Why
  7. License

Requirements

  • picolisp: 32-bit or 64-bit v3.1.11+, tested up to PicoLisp v20.6.29 and pil21, see test runs
  • libcrypto.so: for using --native functions with PicoLisp v17.12+
  • picolisp-unit: v3.0.0+ for testing the library
  • openssl: v1.0.0+ for signing and hashing strings
  • curl: for sending requests to the AWS APIs

Notes

The file libawscurl.l can be included as a library, rather than using the command line awscurl.l. Function are prefixed with awscurl- and variables are prefixed with *Aws_.

Stability

This library is now declared stable and should be suitable for use in production environments.

Usage

WARNING

There is no validation on command line arguments. Be careful the input you provide. See issue #1

Environment variables

The following environment variables are used:

  • AWS_PROFILE: Default: default
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_SESSION_TOKEN or AWS_SECURITY_TOKEN (deprecated)

If any of those environment variables are not set, the values will be read from $HOME/.aws/credentials using the [default] or $AWS_PROFILE profile.

Examples

  • Call S3: List bucket content
./awscurl.l --service s3 --request PUT --data @myfile.json --header 'content-type' 'application/json' --host awscurl-sample-bucket.s3.amazonaws.com --region us-east-1 --endpoint '/bucket/myfile.json'
# NOTE: for files > 1KB, disable Expect header with: --header Expect ""
  • Call EC2 (DescribeRegions):
./awscurl.l --query 'Action=DescribeRegions&Version=2013-10-15'
  • Call EC2 (ImportKeyPair):
./awscurl.l --service ec2 --region ap-northeast-1 --host ap-northeast-1.ec2.amazonaws.com --query 'Action=ImportKeyPair&KeyName=my-key&Version=2016-11-15' --request POST --data 'PublicKeyMaterial=c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDMkxIRitwY1g3ZmRtVWZRMm53TUt5ZmQ5ZktFQWVaY2dOblB5UDhCdmZnTGtSREZsZjV5ODR5Q09UbWdlS05Fd2Y1Ujhoei9ySmNwVEpNcURNS0pnS29qWVp5bWNTYzhROFpsY3lQdm5BYXZ5UEJVdUZYbUZMRDlpckNBcXREK3cxSEFpaVNlZyszdXN1VC9Vc1NKNWNOU3g4em5lSVhmMW9aSzJHQmswck90cEtwVy94c3gyNnNtUWNQWkxCMVYxSVc5NmRkbm1kUTNtQU1RNndPVUtSMytwckRWN2dhc2xOUjVTdkdaZnFreGpaUHNXcFNGRFlqN3I3WkU5MjB3YjIrT1RHQ1NIa21maUlDNVI3REdrUEc3emhEbk1yMHVlb3Qra1JRNjE4bklvQTVDeFhiaHdJalFYVTRFYjl3YVZsaXhmeGpmY1hjZGcwSEMyRnc5SHAgYWxleAo='
  • Call API Gateway:
./awscurl.l --service execute-api --data '{"test":"json"}' --host '<prefix>.execute-api.us-east-1.amazonaws.com' --endpoint '/<resource>'

Options

Usage:		./awscurl.l [options]

Options:
  --help                    Show this help message and exit

  --data <data>             HTTP POST data (default: None)
  --endpoint <endpoint>     The API endpoint of the AWS service (default: /)
  --header <key> <value>    HTTP header data (default: None)
  --host <host>             The Host of the AWS service (default: ec2.amazonaws.com)
  --native                  Use faster 'native' calls for hashing data (64-bit version only, default: False)
  --output <file>           Filename where data should be output (default: STDOUT)
  --protocol http|https     Protocol for talking to AWS (default: https)
  --query <query>           The Query parameters of the AWS service (default: None)
  --region <region>         AWS region (default: us-east-1)
  --request <method>        Specify request method to use (default: GET)
  --service <service>       AWS service (default: ec2)
  --verbose                 Verbose flag (default: False)

Contributing

If you find any bugs or issues, please create an issue.

If you want to improve this tool, please make a pull-request.

Thanks

  • This tool was heavily inspired by Python awscurl
  • Thanks to Łukasz Adamczak for the wonderful article explaining the intricacies of AWS Signature Version 4 with simple curl/openssl/bash

Why

Q: Why not use awscli, boto, awscurl, Ansible, Packer, or one of many other available AWS SDKs?

A: Size. It seems every single tool in existence is incredibly bloated and contains too many dependencies, too many features, and too much complexity. I really just wanted to make a handful of EC2 calls from the command-line. This tool is slightly more flexible than what I needed, but it works without any external dependencies other than what's already deployed on most Linux systems. For comparison, Python awscurl and its dependencies are ~18MB, whereas this PicoLisp awscurl is ~8KB on disk.

License

MIT License

Copyright (c) 2018-2020 Alexander Williams, Unscramble license@unscramble.jp