An LWRP that can be used to fetch files from S3.
I created this LWRP to solve the chicken-and-egg problem of fetching files from S3 on the first Chef run on a newly provisioned machine. Ruby libraries that are installed on that first run are not available to Chef during the run, so I couldn’t use a library like Fog to get what I needed from S3.
This LWRP has no dependencies beyond the Ruby standard library, so it can be used on the first run of Chef.
An Amazon Web Services account and something in S3 to fetch.
Multi-part S3 uploads do not put the MD5 of the content in the ETag header. If x-amz-meta-digest is provided in User-Defined Metadata on the S3 Object it is processed as if it were a Digest header (RFC 3230).
The MD5 of the local file will be checked against the MD5 from x-amz-meta-digest if it is present. It not it will check against the ETag. If there is no match or the local file is absent it will be downloaded.
If credentials are not provided, s3_file will attempt to use the first instance profile associated with the instance. See documentation at docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html for more on instance profiles.
s3_file acts like other file resources. The only supported action is :create, which is the default.
Attribute Parameters:
-
‘aws_access_key_id` - your AWS access key id. (optional)
-
‘aws_secret_access_key` - your AWS secret access key. (optional)
-
‘token` - token used for temporary IAM credentials. (optional)
-
‘bucket` - the bucket to pull from.
-
‘remote_path` - the S3 key to pull.
-
‘owner` - the owner of the file. (optional)
-
‘group` - the group owner of the file. (optional)
-
‘mode` - the octal mode of the file. (optional)
Example:
s3_file "/tmp/somefile" do remote_path "/my/s3/key" bucket "my-s3-bucket" aws_access_key_id "mykeyid" aws_secret_access_key "mykey" owner "me" group "mygroup" mode "0644" action :create end