Connection module for Amazon S3 using boto3
New in version 2018.3.0.
This module accepts explicit AWS credentials but can also utilize IAM roles assigned to the instance through Instance Profiles or it can read them from the ~/.aws/credentials file or from these environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available at:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/
iam-roles-for-amazon-ec2.html
http://boto3.readthedocs.io/en/latest/guide/
configuration.html#guide-configuration
If IAM roles are not used you need to specify them either in a pillar or in the minion's config file:
s3.keyid: GKTADJGHEIQSXMKKRBJ08H
s3.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
A region may also be specified in the configuration:
s3.region: us-east-1
If a region is not specified, the default is us-east-1.
It's also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:
myprofile:
keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1
boto3
Get metadata about an S3 object. Returns None if the object does not exist.
You can pass AWS SSE-C related args and/or RequestPayer in extra_args.
CLI Example:
salt myminion boto_s3.get_object_metadata \
my_bucket/path/to/object \
region=us-east-1 \
key=key \
keyid=keyid \
profile=profile \
Upload a local file as an S3 object.
CLI Example:
salt myminion boto_s3.upload_file \
/path/to/local/file \
my_bucket/path/to/object \
region=us-east-1 \
key=key \
keyid=keyid \
profile=profile \