kosli snapshot s3 #
Synopsis #
Report a snapshot of the content of an AWS S3 bucket to Kosli.
To authenticate to AWS, you can either:
- provide the AWS static credentials via flags or by exporting the equivalent KOSLI env vars (e.g. KOSLI_AWS_KEY_ID)
- export the AWS env vars (e.g. AWS_ACCESS_KEY_ID).
- Use a shared config/credentials file under the $HOME/.aws
Option 1 takes highest precedence, while option 3 is the lowest.
More details can be found here: https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#specifying-credentials
You can report the entire bucket content, or filter some of the content using --include
and --exclude
.
In all cases, the content is reported as one artifact. If you wish to report separate files/dirs within the same bucket as separate artifacts, you need to run the command twice.
kosli snapshot s3 ENVIRONMENT-NAME [flags]
Flags #
Flag | Description |
---|---|
--aws-key-id string | The AWS access key ID. |
--aws-region string | The AWS region. |
--aws-secret-key string | The AWS secret access key. |
--bucket string | The name of the S3 bucket. |
-D, --dry-run | [optional] Run in dry-run mode. When enabled, no data is sent to Kosli and the CLI exits with 0 exit code regardless of any errors. |
-x, --exclude strings | [optional] The comma separated list of file and/or directory paths in the S3 bucket to exclude when fingerprinting. Cannot be used together with --include. |
-h, --help | help for s3 |
-i, --include strings | [optional] The comma separated list of file and/or directory paths in the S3 bucket to include when fingerprinting. Cannot be used together with --exclude. |
Flags inherited from parent commands #
Flag | Description |
---|---|
-a, --api-token string | The Kosli API token. |
-c, --config-file string | [optional] The Kosli config file path. (default "kosli") |
--debug | [optional] Print debug logs to stdout. A boolean flag https://docs.kosli.com/faq/#boolean-flags (default false) |
-H, --host string | [defaulted] The Kosli endpoint. (default "https://app.kosli.com") |
--http-proxy string | [optional] The HTTP proxy URL including protocol and port number. e.g. 'http://proxy-server-ip:proxy-port' |
-r, --max-api-retries int | [defaulted] How many times should API calls be retried when the API host is not reachable. (default 3) |
--org string | The Kosli organization. |
Examples Use Cases #
report the contents of an entire AWS S3 bucket (AWS auth provided in env variables)
export AWS_REGION=yourAWSRegion
export AWS_ACCESS_KEY_ID=yourAWSAccessKeyID
export AWS_SECRET_ACCESS_KEY=yourAWSSecretAccessKey
kosli snapshot s3 yourEnvironmentName \
--bucket yourBucketName \
--api-token yourAPIToken \
--org yourOrgName
report what is running in an AWS S3 bucket (AWS auth provided in flags)
kosli snapshot s3 yourEnvironmentName \
--bucket yourBucketName \
--aws-key-id yourAWSAccessKeyID \
--aws-secret-key yourAWSSecretAccessKey \
--aws-region yourAWSRegion \
--api-token yourAPIToken \
--org yourOrgName
report a subset of contents of an AWS S3 bucket (AWS auth provided in env variables)
export AWS_REGION=yourAWSRegion
export AWS_ACCESS_KEY_ID=yourAWSAccessKeyID
export AWS_SECRET_ACCESS_KEY=yourAWSSecretAccessKey
kosli snapshot s3 yourEnvironmentName \
--bucket yourBucketName \
--include file.txt,path/within/bucket \
--api-token yourAPIToken \
--org yourOrgName
report contents of an entire AWS S3 bucket, except for some paths (AWS auth provided in env variables)
export AWS_REGION=yourAWSRegion
export AWS_ACCESS_KEY_ID=yourAWSAccessKeyID
export AWS_SECRET_ACCESS_KEY=yourAWSSecretAccessKey
kosli snapshot s3 yourEnvironmentName \
--bucket yourBucketName \
--exclude file.txt,path/within/bucket \
--api-token yourAPIToken \
--org yourOrgName