script to download file from Amazon S3 bucket
Trying to write script to download file from Amazon S3 bucket.
Having trouble with the example on the cURL site. The script below produces:
The re
-
Avoid signing the request yourself, a lot can go wrong or be hard to do. For example, you should check that the date is set to GMT or use x-amz-date headers.
Another approach is to use the AWS Command Line Interface and so use
$ aws s3 cpor$ aws s3 sync.讨论(0) -
As of August 2019 I found this to work. Has added region, and format of URL has changed.
#!/bin/sh outputFile="/PATH/TO/LOCALLY/SAVED/FILE" amzFile="BUCKETPATH/TO/FILE" region="YOUR-REGION" bucket="SOME-BUCKET" resource="/${bucket}/${amzFile}" contentType="binary/octet-stream" dateValue=`TZ=GMT date -R` # You can leave our "TZ=GMT" if your system is already GMT (but don't have to) stringToSign="GET\n\n${contentType}\n${dateValue}\n${resource}" s3Key="ACCESS_KEY_ID" s3Secret="SECRET_ACCESS_KEY" signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${s3Secret} -binary | base64` curl -H "Host: s3-${region}.amazonaws.com" \ -H "Date: ${dateValue}" \ -H "Content-Type: ${contentType}" \ -H "Authorization: AWS ${s3Key}:${signature}" \ https://s3-${region}.amazonaws.com/${bucket}/${amzFile} -o $outputFile讨论(0) -
I write this bash script to download file from s3 (I download compressed file, you can change contentType to download other types of file)
#!/bin/sh outputFile="Your_PATH" amzFile="AMAZON_FILE_PATH" bucket="YOUR_BUCKET" resource="/${bucket}/${amzFile}" contentType="application/x-compressed-tar" dateValue=`date -R` stringToSign="GET\n\n${contentType}\n${dateValue}\n${resource}" s3Key="YOUR_S3_KEY" s3Secret="YOUR_S3SECRET" signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${s3Secret} -binary | base64` curl -H "Host: ${bucket}.s3.amazonaws.com" \ -H "Date: ${dateValue}" \ -H "Content-Type: ${contentType}" \ -H "Authorization: AWS ${s3Key}:${signature}" \ https://${bucket}.s3.amazonaws.com/${amzFile} -o $outputFile讨论(0) -
I created a complete AWS signature creator. You can find the original file here (please note: it has multiple gist comments so it definitely works!).
readonly AWS_ACCESS_KEY_ID='<your_access_key_id>' readonly AWS_SECRET_ACCESS_KEY='<your_secret_access_key>' readonly AWS_SERVICE='s3' readonly AWS_REGION='us-east-1' readonly AWS_S3_BUCKET_NAME='<your_bucket_name>' readonly AWS_SERVICE_ENDPOINT_URL="\ ${AWS_S3_BUCKET_NAME}.${AWS_SERVICE}.amazonaws.com" # Create an SHA-256 hash in hexadecimal. # Usage: # hash_sha256 <string> function hash_sha256 { printf "${1}" | openssl dgst -sha256 | sed 's/^.* //' } # Create an SHA-256 hmac in hexadecimal format. # Usage: # hmac_sha256 <key> <data> function hmac_sha256 { key="$1" data="$2" printf "${data}" | openssl dgst -sha256 -mac HMAC -macopt "${key}" | \ sed 's/^.* //' } readonly CURRENT_DATE_DAY="$(date -u '+%Y%m%d')" readonly CURRENT_DATE_TIME="$(date -u '+%H%M%S')" readonly CURRENT_DATE_ISO8601="${CURRENT_DATE_DAY}T${CURRENT_DATE_TIME}Z" readonly HTTP_REQUEST_METHOD='GET' readonly HTTP_REQUEST_PAYLOAD='' readonly HTTP_REQUEST_PAYLOAD_HASH="$(printf "${HTTP_REQUEST_PAYLOAD}" | \ openssl dgst -sha256 | sed 's/^.* //')" readonly HTTP_CANONICAL_REQUEST_URI='/video_clips/0940.m3u8' readonly HTTP_CANONICAL_REQUEST_QUERY_STRING='' readonly HTTP_REQUEST_CONTENT_TYPE='application/x-www-form-urlencoded' readonly HTTP_CANONICAL_REQUEST_HEADERS="\ content-type:${HTTP_REQUEST_CONTENT_TYPE} host:${AWS_SERVICE_ENDPOINT_URL} x-amz-content-sha256:${HTTP_REQUEST_PAYLOAD_HASH} x-amz-date:${CURRENT_DATE_ISO8601}" # Note: The signed headers must match the canonical request headers. readonly HTTP_REQUEST_SIGNED_HEADERS="\ content-type;host;x-amz-content-sha256;x-amz-date" readonly HTTP_CANONICAL_REQUEST="\ ${HTTP_REQUEST_METHOD} ${HTTP_CANONICAL_REQUEST_URI} ${HTTP_CANONICAL_REQUEST_QUERY_STRING} ${HTTP_CANONICAL_REQUEST_HEADERS}\n ${HTTP_REQUEST_SIGNED_HEADERS} ${HTTP_REQUEST_PAYLOAD_HASH}" # Create the signature. # Usage: # create_signature function create_signature { stringToSign="AWS4-HMAC-SHA256 ${CURRENT_DATE_ISO8601} ${CURRENT_DATE_DAY}/${AWS_REGION}/${AWS_SERVICE}/aws4_request $(hash_sha256 "${HTTP_CANONICAL_REQUEST}")" dateKey=$(hmac_sha256 key:"AWS4${AWS_SECRET_ACCESS_KEY}" \ "${CURRENT_DATE_DAY}") regionKey=$(hmac_sha256 hexkey:"${dateKey}" "${AWS_REGION}") serviceKey=$(hmac_sha256 hexkey:"${regionKey}" "${AWS_SERVICE}") signingKey=$(hmac_sha256 hexkey:"${serviceKey}" "aws4_request") printf "${stringToSign}" | openssl dgst -sha256 -mac HMAC -macopt \ hexkey:"${signingKey}" | awk '{print $2}' } readonly SIGNATURE="$(create_signature)" readonly HTTP_REQUEST_AUTHORIZATION_HEADER="\ AWS4-HMAC-SHA256 Credential=${AWS_ACCESS_KEY_ID}/${CURRENT_DATE_DAY}/\ ${AWS_REGION}/${AWS_SERVICE}/aws4_request, \ SignedHeaders=${HTTP_REQUEST_SIGNED_HEADERS};x-amz-date, Signature=${SIGNATURE}" curl -X "${HTTP_REQUEST_METHOD}" -v \ "https://${AWS_SERVICE_ENDPOINT_URL}${HTTP_CANONICAL_REQUEST_URI}" \ -H "Authorization: ${HTTP_REQUEST_AUTHORIZATION_HEADER}" \ -H "content-type: ${HTTP_REQUEST_CONTENT_TYPE}" \ -H "x-amz-content-sha256: ${HTTP_REQUEST_PAYLOAD_HASH}" \ -H "x-amz-date: ${CURRENT_DATE_ISO8601}"Please note though, it's much better to use the AWS APIs if you don't have a reason to create a signature.
讨论(0) -
#!/bin/sh # This works for cross region outputFile="/PATH/TO/FILE" awsFile="BUCKETPATH/TO/FILE" bucket="SOME-BUCKET" resource="/${bucket}/${awsFile}" contentType="application/x-compressed-tar" # Change the content type as desired dateValue=`TZ=GMT date -R` #Use dateValue=`date -R` if your TZ is already GMT stringToSign="GET\n\n${contentType}\n${dateValue}\n${resource}" s3Key="ACCESS_KEY_ID" s3Secret="SECRET_ACCESS_KEY" signature=`echo -n ${stringToSign} | openssl sha1 -hmac ${s3Secret} -binary | base64` curl -H "Host: ${bucket}.s3.amazonaws.com" \ -H "Date: ${dateValue}" \ -H "Content-Type: ${contentType}" \ -H "Authorization: AWS ${s3Key}:${signature}" \ https://${bucket}.s3.amazonaws.com/${awsFile} -o $outputFile讨论(0)
加载中...
- 热议问题