A gist showing some common S3 and S3 Glacier actions using the API's listed below.
Actions
- Create an S3 Bucket
- Upload files to bucket choosing different storage classe
- Download objects from S3
- Restore objects from S3
- Configure an S3 lifecycle policy
- Create Glacier vault
- Upload archive to vault
- Request an inventory in Glacier
- Request an archive retrieval in Glacier
- Describe a Glacier job request
- List Glacier jobs
- Get Glacier job output
- Sample security policy for Glacier Topic
APIs
S3_BUCKETNAME=YOURBUCKETNAME${RANDOM}
S3_STANDARD_UPLOAD_1=koala.jpg
S3_STANDARD_UPLOAD_2=emu.jpg
S3_GLACIER_UPLOAD_1=kangaroo.jpg
S3_GLACIER_UPLOAD_2=galah.jpg
GLACIER_VAULT_NAME=YOURVAULTNAME
GLACIER_ARCHIVE=glacier-archive.zip
AWS_PROFILE=YOUR_AWS_CLI_PROFILE_NAMEhttps://docs.aws.amazon.com/cli/latest/reference/s3/mb.html
aws s3 mb s3://${S3_BUCKETNAME} --profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html
aws s3api put-object \
--bucket ${S3_BUCKETNAME} \
--storage-class STANDARD \
--key ${S3_STANDARD_UPLOAD_1} \
--body uploads/${S3_STANDARD_UPLOAD_1} \
--profile ${AWS_PROFILE}aws s3api put-object \
--bucket ${S3_BUCKETNAME} \
--storage-class ONEZONE_IA \
--key ${S3_STANDARD_UPLOAD_2} \
--body uploads/${S3_STANDARD_UPLOAD_2} \
--profile ${AWS_PROFILE}aws s3api put-object \
--bucket ${S3_BUCKETNAME} \
--storage-class GLACIER \
--key ${S3_GLACIER_UPLOAD_1} \
--body uploads/${S3_GLACIER_UPLOAD_1} \
--profile ${AWS_PROFILE}aws s3api put-object \
--bucket ${S3_BUCKETNAME} \
--storage-class DEEP_ARCHIVE \
--key ${S3_GLACIER_UPLOAD_2} \
--body uploads/${S3_GLACIER_UPLOAD_2} \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/s3api/get-object.html
aws s3api get-object \
--bucket ${S3_BUCKETNAME} \
--key ${S3_STANDARD_UPLOAD_1} \
--profile ${AWS_PROFILE} \
downloads/${S3_STANDARD_UPLOAD_1}https://docs.aws.amazon.com/cli/latest/reference/s3api/restore-object.html
aws s3api restore-object \
--bucket ${S3_BUCKETNAME} \
--key ${S3_GLACIER_UPLOAD_1} \
--restore-request Days=1 \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/s3api/put-bucket-lifecycle-configuration.html
aws s3api put-bucket-lifecycle-configuration \
--bucket ${S3_BUCKETNAME} \
--lifecycle-configuration file://json/lifecycle.json \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/glacier/create-vault.html
aws glacier create-vault \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/glacier/upload-archive.html
aws glacier upload-archive \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--body uploads/${GLACIER_ARCHIVE} \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/glacier/initiate-job.html
aws glacier initiate-job \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--job-parameters file://json/inventory-retrieval.json \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/glacier/initiate-job.html
aws glacier initiate-job \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--job-parameters file://json/archive-retrieval.json \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/glacier/describe-job.html
aws glacier describe-job \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--profile ${AWS_PROFILE} \
--job-id JOB_IDhttps://docs.aws.amazon.com/cli/latest/reference/glacier/list-jobs.html
aws glacier list-jobs \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--profile ${AWS_PROFILE}https://docs.aws.amazon.com/cli/latest/reference/glacier/get-job-output.html
aws glacier get-job-output \
--account-id - \
--vault-name ${GLACIER_VAULT_NAME} \
--job-id JOB_ID \
--profile ${AWS_PROFILE} \
glacier-jobs-outLimited policy
{
"Version": "2008-10-17",
"Id": "GlacierNotificationPolicy",
"Statement": [
{
"Sid": "GlacierNotificationAllow",
"Effect": "Allow",
"Principal": {
"Service": "glacier.amazonaws.com"
},
"Action": [
"SNS:Publish"
],
"Resource": "TOPIC_ARN"
}
]
}Default policy
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__default_statement_ID",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"SNS:Publish",
"SNS:RemovePermission",
"SNS:SetTopicAttributes",
"SNS:DeleteTopic",
"SNS:ListSubscriptionsByTopic",
"SNS:GetTopicAttributes",
"SNS:Receive",
"SNS:AddPermission",
"SNS:Subscribe"
],
"Resource": "TOPIC_ARN",
"Condition": {
"StringEquals": {
"AWS:SourceOwner": "AWS_ACCOUNT_ID"
}
}
}
]
}