PicoLisp AWS CLI tool using OpenSSL and Curl

You can get it on GitHub.

This command line tool can be used to sign AWS Signature Version 4 requests and make calls to various AWS APIs.

1. Requirements
2. Usage
3. Options

Requirements

• picolisp: 32-bit or 64-bit v3.1.11+, tested up to PicoLisp v20.6.29, see test runs
• libcrypto.so: for using --native functions with PicoLisp v17.12+
• picolisp-unit: v3.0.0+ for testing the library
• openssl: v1.0.0+ for signing and hashing strings
• curl: for sending requests to the AWS APIs

Notes

The file libawscurl.l can be included as a library, rather than using the command line awscurl.l. Function are prefixed with awscurl- and variables are prefixed with *Aws_.

Usage

WARNING

There is currently no validation on command line arguments. Be careful the input you provide. See issue #1

Environment variables

The following environment variables are used:

• AWS_PROFILE: Default: default
• AWS_ACCESS_KEY_ID
• AWS_SECRET_ACCESS_KEY
• AWS_SESSION_TOKEN or AWS_SECURITY_TOKEN (deprecated)

If any of those environment variables are not set, the values will be read from $HOME/.aws/credentials using the [default] or $AWS_PROFILE profile.

Examples

• Call S3: List bucket content

./awscurl.l --service s3 --request PUT --data @myfile.json --header 'content-type' 'application/json' --host awscurl-sample-bucket.s3.amazonaws.com --region us-east-1 --endpoint '/bucket/myfile.json'
# NOTE: for files > 1KB, disable Expect header with: --header Expect ""

• Call EC2 (DescribeRegions):

./awscurl.l --query 'Action=DescribeRegions&Version=2013-10-15'

• Call EC2 (ImportKeyPair):

  ./awscurl.l --service ec2 --region ap-northeast-1 --host ap-northeast-1.ec2.amazonaws.com --query 'Action=ImportKeyPair&KeyName=my-key&Version=2016-11-15' --request POST --data 'PublicKeyMaterial=c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCQVFDMkxIRitwY1g3ZmRtVWZRMm53TUt5ZmQ5ZktFQWVaY2dOblB5UDhCdmZnTGtSREZsZjV5ODR5Q09UbWdlS05Fd2Y1Ujhoei9ySmNwVEpNcURNS0pnS29qWVp5bWNTYzhROFpsY3lQdm5BYXZ5UEJVdUZYbUZMRDlpckNBcXREK3cxSEFpaVNlZyszdXN1VC9Vc1NKNWNOU3g4em5lSVhmMW9aSzJHQmswck90cEtwVy94c3gyNnNtUWNQWkxCMVYxSVc5NmRkbm1kUTNtQU1RNndPVUtSMytwckRWN2dhc2xOUjVTdkdaZnFreGpaUHNXcFNGRFlqN3I3WkU5MjB3YjIrT1RHQ1NIa21maUlDNVI3REdrUEc3emhEbk1yMHVlb3Qra1JRNjE4bklvQTVDeFhiaHdJalFYVTRFYjl3YVZsaXhmeGpmY1hjZGcwSEMyRnc5SHAgYWxleAo='
  

• Call API Gateway:

./awscurl.l --service execute-api --data '{"test":"json"}' --host '<prefix>.execute-api.us-east-1.amazonaws.com' --endpoint '/<resource>'

Options

Usage:		./awscurl.l [options]

Options:
  --help                    Show this help message and exit

  --data <data>             HTTP POST data (default: None)
  --endpoint <endpoint>     The API endpoint of the AWS service (default: /)
  --header <key> <value>    HTTP header data (default: None)
  --host <host>             The Host of the AWS service (default: ec2.amazonaws.com)
  --native                  Use faster 'native' calls for hashing data (64-bit version only, default: False)
  --output <file>           Filename where data should be output (default: STDOUT)
  --protocol http|https     Protocol for talking to AWS (default: https)
  --query <query>           The Query parameters of the AWS service (default: None)
  --region <region>         AWS region (default: us-east-1)
  --request <method>        Specify request method to use (default: GET)
  --service <service>       AWS service (default: ec2)
  --verbose                 Verbose flag (default: False)