how to provide a file content as an aws cli option value

674 views Asked by At

I am trying to create an SFTP user with the help of AWS CLI in my Linux Box.

Below is the AWS CLI command which I am passing in my bash script (my ssh public key is in a file, with the help of variable I am passing same into AWS CLI options section)

customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)

aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body $customer_name_pub_value --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="[email protected]",Key=Service,Value="sftp"' --role customer-sftp-role

Below is the ERROR which I am facing while executing above commands:

[developer@dev-lin demo]$ aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body $customer_name_pub_value --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="[email protected]",Key=Service,Value="sftp"' --role customer-sftp-role
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:

  aws help
  aws <command> help
  aws <command> <subcommand> help

Unknown options: [email protected], XXXXXXXXXXAB3NzaC1yc2EAAAADAQABAAABAQCm2hI3Y33K1GVbdQV0lfkm/klZRJS7Kcz8+53e/BoIbVMFH0jqm1aejELDFgPnN7HvIZ/csYGzF/ssTx5lXVaHQh/qkYwfqQBg8WvXVB0Jmogj1hr6z5M8Qy/3oCx0fSmh6e/Ekfk8vHhiHQlGZV3o8a2AW5SkP8IH/OgT6Bq+SMuB+xtSciVBZqSLI0OgYtOZ0MyxBzfLau1Tyegu5lVFevZDVjecnIaS4l+v2VIQ/OgaZ40oAI3NuRZ2EdnLqEqFyLjasx4kcuwNzD5oaXAU6T9UsqKN2rVLMKrXXXXXXXXXXX

Am I missing something bash syntax while passing option value!

UPDATE 30-March-2020 as per suggestions in below comments, I have added AWS ARN Role in command, now facing different issue than previous

CODE:


customer_name='demo'
customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)


aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body "$customer_name_pub_value" --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="[email protected]",Key=Service,Value="sftp"' --role "arn:aws:iam::8XXXXXXXXX2:role/customer-sftp-role"

ERROR



An error occurred (ValidationException) when calling the CreateUser operation: 1 validation error detected: Value 'script-test/power-archive-ireland/demo/' at 'homeDirectory' failed to satisfy constraint: Member must satisfy regular expression pattern: ^$|/.*

2

There are 2 answers

0
Naman Joshi On BEST ANSWER

Below is the final working CLI command:

Changes

  1. Added ROLE ARN (Thanks @user1394 for the suggestion)

  2. Biggest issue resolved by placing / before --home-directory option (bad AWS documentation (https://docs.aws.amazon.com/cli/latest/reference/transfer/create-user.html) and their out-dated RegEx ^$|/.*)

  3. Transform the broken CLI into JSON based CLI to fix the final bug (not all the tags were able to attach in old command)

#!/bin/bash

customer_name='demo'
customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)

aws transfer create-user \
        --user-name $customer_name \
        --server-id s-aaabbbccc \
        --role "arn:aws:iam::8XXXXXXXXX2:role/customer-sftp-role" \
        --ssh-public-key-body "$customer_name_pub_value" \
        --home-directory /script-test/power-archive-ireland/$customer_name \
        --tags '[
                {"Key": "Product", "Value": "demo"},
                {"Key": "Environment", "Value": "dev"},
                {"Key": "Contact", "Value": "[email protected]"},
                {"Key": "Service", "Value": "sftp"}
        ]'
3
user1394 On

Yes, for the final bug, you should feed it as a list of objects:

--tags [{Key="Product", Value="demo"}, {Key="Environment", Value="dev"}, {Key="Contact", Value="[email protected]"}, {Key="Service", Value="sftp"

You may need to put "Key" and "Value" in quotes or even perhaps have to try key:value pairs (i.e. {"Product": "demo"}), but this should be the general syntax.