S3 Birectional Replication - amazon-web-services

In order to enable S3 bi-directional replication , should I perform put bucket replication on both buckets and ensure that the role that I am using can support bi-directional replication?
aws s3api put-bucket-replication --bucket east-bucket --replication-configuration file://replication-east.json
aws s3api put-bucket-replication --bucket west-bucket --replication-configuration file://replication-west.json

Related

How to all S3 bucket configuration settings from the CLI?

I would like to pull all of the configuration values for an S3 bucket, for example encryption settings, ACL lists, etc from the command line.
Unfortunately, aws s3api doesn't seem to have a unified view of configuration, instead you have to query each configuration type individually, for example:
aws s3api get-bucket-accelerate-configuration --bucket my-bucket >> my-bucket-config
aws s3api get-bucket-acl --bucket my-bucket >> my-bucket-config
aws s3api get-bucket-cors --bucket my-bucket >> my-bucket-config
# ....and many, many more
Is there another API, or method that provides a uniform view of how an S3 bucket is configured from the CLI?
The AWS Config service can provide this type of aggregate configuration information in JSON form.
For example:
aws configservice get-resource-config-history \
--resource-type AWS::S3::Bucket \
--resource-id mybucket

Get the CLI Config for an AWS S3 Bucket

I want to see the existing configuration for a S3 Bucket, so that I can steal and tweak it for my own purposes, in a variety of cases. However, I am not seeing an option I would expect:
aws s3api describe-bucket --bucket BucketName
Akin to the EMR describe cluster option that does exist:
aws emr describe-cluster --cluster-id j-1PGB1J30TZHQF
There is no single API call or CLI invocation to return the configuration of an S3 bucket, that I'm aware of.
You'd need to query a number of different things, for example its bucket policy, its CORS configuration, any ACLs, transfer acceleration configuration, tags, and more.
All of these things are available from the awscli, for example:
aws s3api get-bucket-policy --bucket X
aws s3api get-bucket-cors --bucket X
aws s3api get-bucket-location --bucket X
aws s3api get-bucket-versioning --bucket X

Make an S3 Bucket Permissions Public Access to 'Everyone' using CLI

How would I set the S3 Bucket Permissions for Public Access to 'Everyone' for Read Files using AWS CLI?
The documentation does not have clear specification of how to do this and have tried multiple variations. My end goal is to make the bucket a static site server bucket.
S3 Bucket ACL permission are set after the bucket is created - I achieved a public file read bucket using this command
aws s3api put-bucket-acl --bucket ${SITE_NAME} --acl public-read
After creating the bucket:
aws s3api create-bucket --bucket ${SITE_NAME} --region ap-southeast-2 --create-bucket-configuration LocationConstraint=ap-southeast-2
Hope the below command will help you to make the s3 object public through the AWS CLI command.
aws s3api put-object-acl --bucket <bucketname> --key <object name with extension> --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers

Cannot create Amazon S3 Bucket in specified region

On my macOS Sierra:
$ aws s3api create-bucket --bucket testbucket --region us-west-1
{
"Location": "/testbucket"
}
Then...
$ aws s3api get-bucket-location --bucket testbucket
{
"LocationConstraint": null
}
The weird thing is if I were to check my console, it would show my bucket created but in US East(N. Virginia region). Is the us-west-1 region not available or something?
If it makes a difference, from
$ aws configure
I can see that my default region name is us-west-1
Default region name [us-west-1]:
From the documentation: "Regions outside of us-east-1 require the appropriate LocationConstraint to be specified in order to create the bucket in the desired region"
Try:
aws s3api create-bucket --region us-west-1 --bucket textbucket --create-bucket-configuration LocationConstraint=us-west-1

s3api get-bucket-location returns null for us-east-1 bucket

Don't know why this happens, but getting null for location call
aws --version
aws-cli/1.10.62 Python/2.7.11 Darwin/16.1.0 botocore/1.4.52
aws> s3api get-bucket-location --bucket joshuacalloway-us-east-2-bucket
{
"LocationConstraint": "us-east-2"
}
aws> s3api get-bucket-location --bucket joshuacalloway-us-east-1-bucket
{
"LocationConstraint": null
}
us-east-1 is a specific region as discussed in some AWS doc as below:
https://aws.amazon.com/fr/blogs/developer/leveraging-the-s3-and-s3api-commands/
For example, if I make a bucket located in the Frankfurt region using the s3 commands:
$ aws s3 mb s3://myeucentral1bucket --region eu-central-1
make_bucket: s3://myeucentral1bucket/`
I can then use s3api get-bucket-location to determine the region of my newly created bucket:
$ aws s3api get-bucket-location --bucket myeucentral1bucket
{
"LocationConstraint": "eu-central-1"
}
As shown above, the value of the LocationConstraint member in the output JSON is the expected region of the bucket, eu-central-1. Note that for buckets created in the US Standard region, us-east-1, the value of LocationConstraint will be null. As a quick reference to how location constraints correspond to regions, refer to the AWS Regions and Endpoints Guide.
http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
If you use a region other than the US East (N. Virginia) endpoint to create a bucket, you must set the LocationConstraint bucket parameter to the same region