Manage Amazon AWS S3 with PowerShell

Home Blog Manage Amazon AWS S3 with PowerShell

4sysops - The online community for SysAdmins and DevOps

    , ,   4
You can manage Amazon's Simple Storage Service (S3) cloud storage solution with help of the Amazon Web Services AWS Tools for PowerShell. In this post, I will introduce you to the cmdlets that allow you access S3.

Josh Rickard

Josh's primary focus is in Windows security and PowerShell automation. He is a GIAC Certified Windows Security Administrator (GCWN) and GIAC Certified Forensic Analyst (GCFA). You can reach Josh at MSAdministrator.com or on Twitter at @MS_dministrator.

Latest posts by Josh Rickard (see all)

To follow this guide, you will need an AWS account and access keys. The AWS Tools for PowerShell run on Windows XP or later and PowerShell 2.0 or later. If you want to try the AWS Tools for PowerShell Core, you must have PowerShell 5.1 or later installed.

To install the AWS Tools for PowerShell, open up a PowerShell console and run this command:

Once you've installed the AWS Tools for PowerShell, you can see the available cmdlets (hint, there are quite a few with the Get-AWSCmdletName cmdlet). The next example shows you how many cmdlets are available:

Run Get AWSCmdletName with the Count property

Run Get AWSCmdletName with the Count property

We should now proceed to identify which cmdlets are available to manage AWS S3 buckets (storage containers) and objects. You can view all available cmdlets Amazon provides and their documentation here. Additionally, in your PowerShell console you can run the following command to display the available cmdlets related to the S3 service:

The PowerShell cmdlet for S3

The PowerShell cmdlet for S3

Let's get started and create an S3 bucket. First, we have to store the parameters in a hash table. Then we can create the bucket with the New-S3Bucket cmdlet.

Additional parameters are available when creating a new AWS S3 Bucket. For instance, you can set the access rights on this bucket to either PublicReadOnly or PublicReadWrite. You can also set specific CannedACLs (access control lists) on both S3 buckets and S3 objects using the S3CannedACL parameter. However, this is beyond the scope of this post. You can find more information about S3CannedACL here.

If you would like to learn about the New-S3Bucket cmdlet, you can always use the built-in help:

Now that we have a new AWS S3 bucket, we can now add an object that represents that bucket. There are different ways to do this, but I think this is the easiest way:

Once we have our $S3Bucket variable, we can add a new S3 object to our newly created S3 bucket. An S3 object can be anything you can store on a computer—an image, video, document, compiled code (binaries), or anything else. S3 objects can be anything with 1s or 0s. I have seen projects that store entire network log streams as files in an S3 bucket. They have their data analytics tools index right on Amazon S3.

Several available cmdlets allow us to view, copy, read, remove, and write S3 objects:

You can also store entire websites in an S3 bucket, and each of these files would then be an S3 object. You can find more information about hosting an S3 website here or by running the following:

Let's go ahead and add a new S3 object to our bucket. To do this, we are going to use another cmdlet: Write-S3Object.

We now have an Amazon AWS S3 bucket with a new S3 object (file). The Write-S3Object cmdlet has many optional parameters and allows you to copy an entire folder (and its files) from your local machine to a S3 bucket. You can also create content on your computer and remotely create a new S3 object in your bucket. With the help of the AWS PowerShell Tools, you can set parameters such as content type, metadata, ACLs, headers, access rights, and encryption. You will hardly miss a single feature when it comes to S3 buckets and S3 objects.

PowerShell is usually associated with Microsoft Azure. However, the AWS PowerShell Tools provide a PowerShell lover with a well-matched console and scripting environment to manage Amazon's cloud.

Join the 4sysops PowerShell group!

Your question was not answered? Ask in the forum!

3+

Users who have LIKED this post:

  • avatar
  • avatar
Share
4 Comments
  1. Jack 2 years ago

    Thanks for sharing very helpful article...

    1+

    Users who have LIKED this comment:

    • avatar
    Reply
  2. mike 6 months ago

    FYI - You have "(GetAWSCmdletName).Count" without a dash in one of your first most examples, but otherwise this is a fantastic article so, cheers!

    0

    Reply

Leave a reply

Your email address will not be published. Required fields are marked *

*

Follow 4sysops

Twitter Facebook Linkedin RSS

Subscribe to post notfications

Leaderboards

Member Leaderboard – Month

Member Leaderboard – Year

Author Leaderboard – 30 Days

Author Leaderboard – Year

Site Wide Activities [RSS]

Viewing 1 - 10 of 10 items
  • Profile picture of Michael C. Cook Sr.

    Michael C. Cook Sr. posted an update 6 hours, 57 minutes ago

    I'm making some radical updates to this project 'Hybrid - Desired State Controller', wanted to showcase this GUI/networking module that will integrate the MDT/Image Factory/PSD Master project in addition to automating the configuration of IIS, DNS, DHCP, and Certificate based services.

    It's still a long way from being complete, however, you can scope out the tool I made for Active Directory Domain Controller Promotion ( DCPromo ).

    Project is located here.
    https://github.com/mcc85s/PSD-Remaster

    This is as PowerShell based/focused as it is a System Administration and Network Security Engineering. (putting my old school MCSE stuff to the test...)

    Will have my website relaunched soon, probably with Blazor. If you haven't heard of Blazor... well, it's sort of like if a ninja had a baby with a viking. Takes 2 cool things like ASP.Net and Razor/WebAssembly, and makes it possible to do C# instead of Javascript. And... I think it's cool cause I don't like JS.

    - MC

    Share

  • TomH commented on Convert Windows Server 2019 Evaluation to the retail edition 9 hours, 28 minutes ago

    Thanks for the reply. I'm reading of folks unable to do the in-place upgrade. And I've seen multiple examples of that, where they tried to do it, and it did not give them the option. Since I'm on, effectively, a trial copy of 2012R2, I think I fall into that category, where it will not allow me to upgrade from eval to eval.

    The quote I get on one response was: You cannot in-place upgrade to a higher version of windows in any of these scenarios from licensed to evaluation, evaluation to licensed, evaluation to evaluation. That makes a kind of sense.

    Again, thanks for the response. Time to reboot my mind and take a different approach.

    Share
  • Profile picture of Vladan Seget

    Vladan Seget commented on Convert Windows Server 2019 Evaluation to the retail edition 10 hours, 22 minutes ago

    Good question, simply download an eval from Microsoft, and then apply the license number you've got when you bought the product.

    Share

  • TomH commented on Convert Windows Server 2019 Evaluation to the retail edition 10 hours, 50 minutes ago

    So if I want to do an in-place upgrade from 2012R2 to 2019, how do I download a copy of 2019 that does that? When I buy the 2019 license 16core, will that include the software or a link to download it?

    Share

  • murat commented on Group logo of PowerShell10 reasons for using PowerShell ISE instead of the PowerShell console 11 hours, 2 minutes ago

    Guys does someone know why a module (PM1) works in ISE but not in the PS Console.

    Its a little script what I wrote to logon on 365 what write the credentials in the registry.

    Don't get error messages.

    Strange thing is that the same script works within the console when I save it as PS1.

    So not working as PM1 but as PS1 no problem. 

    Share

  • Alon Or commented on Group logo of PowerShellInstall fonts with a PowerShell script 11 hours, 2 minutes ago

    I use the following code to install Fonts on remote PCs, no need to logoff or reboot. Tested on 1909.

    #Computers to install fonts to
$ComputerArray = @("Pc1","Pc2","Pc3")
#A Share containing only the fonts you want to install
$FontDir="FileServerSharesHelpdeskSpecialFonts"
#Wil be created on remote Pc if not exists, fonts will be copied here and deleted after install.
$PcStagingDir="c:tools"

foreach ($pc in $ComputerArray) {
If((Test-Connection -ComputerName  $pc -Count  1 -ErrorAction SilentlyContinue) -and ($Winrmstatus=Test-WSMan -ComputerName $pc -ErrorAction SilentlyContinue)) {
$RemotePcStagingDir = "$pc$($PcStagingDir.replace(':','$'))"
$DisabledSvcs=@()
$ServiceName = @("WinRM")
foreach ($svc in $ServiceName) {
        $i=0
        while(((Get-Service -ComputerName $pc -Name $svc -ErrorAction SilentlyContinue).status -ne "Running")-and($i -lt 10)){
            if((Get-Service -ComputerName $pc -Name $svc -ErrorAction SilentlyContinue).StartType -eq "Disabled"){
            Write-Host "Try $i , Setting service $svc StartType to Manual on $pc ..."
            $DisabledSvcs+=$svc
            Set-Service -ComputerName $pc -Name $svc -StartupType Manual -ErrorAction SilentlyContinue}
        Write-Host "Try $i / 10 , Starting $svc Service on $pc ..."
        $commandz="sc "+$pc +" Start "+$svc
        & cmd.exe /c $commandz | Out-Null
        $i++
        sleep 3}
        if($i -ge 10){break}
    }
if($i -ge 10){Write-Host "Could NOT start service $svc, Skipping Computer $pc" -ForegroundColor Red}else{
if ( -not (Test-Path -Path $RemotePcStagingDir)){New-Item -Path $RemotePcStagingDir -ItemType Directory -Force}
$RemoteWinDir=Invoke-Command -ComputerName $pc -ScriptBlock {return $env:windir}
foreach($FontFile in (Get-ChildItem -file -path $FontDir)){
    if(-not(Test-Path "$pc$($RemoteWinDir.replace(':','$'))Fonts$FontFile")){
        Copy-Item "$FontDir$FontFile" -Destination $RemotePcStagingDir -Force
        Invoke-Command -ComputerName $pc -ScriptBlock {
       $filePath="$using:PcStagingDir$using:FontFile"
       $fontRegistryPath = "HKLM:SOFTWAREMicrosoftWindows NTCurrentVersionFonts"
       $fontsFolderPath = "$($env:windir)fonts"
    # Create hashtable containing valid font file extensions and text to append to Registry entry name.
    $hashFontFileTypes = @{}
    $hashFontFileTypes.Add(".fon", "")
    $hashFontFileTypes.Add(".fnt", "")
    $hashFontFileTypes.Add(".ttf", " (TrueType)")
    $hashFontFileTypes.Add(".ttc", " (TrueType)")
    $hashFontFileTypes.Add(".otf", " (OpenType)")
    try
    {
        [string]$filePath = (Get-Item $filePath).FullName
        [string]$fileDir  = split-path $filePath
        [string]$fileName = split-path $filePath -leaf
        [string]$fileExt = (Get-Item $filePath).extension
        [string]$fileBaseName = $fileName -replace($fileExt ,"")

        $shell = new-object -com shell.application
        $myFolder = $shell.Namespace($fileDir)
        $fileobj = $myFolder.Items().Item($fileName)
        $fontName = $myFolder.GetDetailsOf($fileobj,21)
        
        if ($fontName -eq "") { $fontName = $fileBaseName }

        copy-item $filePath -destination $fontsFolderPath

        $fontFinalPath = Join-Path $fontsFolderPath $fileName
        if (-not($hashFontFileTypes.ContainsKey($fileExt))){Write-Host "File Extension Unsupported";$retVal = 0}
        if ($retVal -eq 0) {
            Write-Host "Font `'$($filePath)`'`' installation failed on $env:computername" -ForegroundColor Red
            Write-Host ""
            1
        }
        
        else
        {
            Set-ItemProperty -path "$($fontRegistryPath)" -name "$($fontName)$($hashFontFileTypes.$fileExt)" -value "$($fileName)" -type STRING
            Write-Host "Font `'$($filePath)`' $fontName $($hashFontFileTypes.$fileExt) installed successfully on $env:computername" -ForegroundColor Green
        }

    }
    catch
    {
        Write-Host "An error occured installing `'$($filePath)`' on $env:computername" -ForegroundColor Red
        Write-Host "$($error[0].ToString())" -ForegroundColor Red
        $error.clear()
    }
    }
     }
     Remove-Item "$RemotePcStagingDir$FontFile" -ErrorAction SilentlyContinue
}
}
foreach($DisabledSvc in $DisabledSvcs){
    Write-Host "Setting service $DisabledSvc StartType to Disabled on $pc ..."
    Set-Service -ComputerName $pc -Name $DisabledSvc -StartupType Disabled -ErrorAction SilentlyContinue
    $commandz="sc "+$pc +" Stop "+$DisabledSvc
    & cmd.exe /c $commandz | Out-Null
}
}else{if($Winrmstatus){Write-Host "No Connection to Remote Pc $pc" -ForegroundColor Red}Else{Write-Host "No Connection to WinRM service on Remote Pc $pc" -ForegroundColor Red}}
}
    Share
  • Profile picture of tmack

    tmack liked Using PowerShell type accelerators. (So far, This post has 5 likes) 11 hours, 30 minutes ago

    Share
  • Profile picture of Swapnil Kambli

    Swapnil Kambli commented on Group logo of PowerShellManage Azure role-based access control with PowerShell 11 hours, 31 minutes ago

    here is an example for creating custom role

    $role = [Microsoft.Azure.Commands.Resources.Models.Authorization.PSRoleDefinition]::new()$role.Name = 'custom access role'$role.Description = 'custom role.'$role.IsCustom = $true$perms = 'Microsoft.Network/networkInterfaces/read','Microsoft.Compute/virtualMachines/read'$role.Actions = $perms$subs = '/subscriptions/hjhjhjhjhjhjhjhjh'$role.AssignableScopes = $subsNew-AzRoleDefinition -Role $role

    Share
  • Profile picture of Paolo Maffezzoli

    Paolo Maffezzoli replied to the topic Issue posting news in Community Forum 14 hours, 12 minutes ago

    From the last few days it takes more time than usual.

    Share
  • Profile picture of Michael Pietroforte

    Michael Pietroforte replied to the topic Issue posting news in Community Forum 14 hours, 49 minutes ago

    Since when do you experience this problem?

    Share
© 4sysops 2006 - 2019

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account