1
votes

I am trying to create an SFTP user with the help of AWS CLI in my Linux Box.

Below is the AWS CLI command which I am passing in my bash script (my SSH public key is in a file, and I pass it into the AWS CLI options section through a variable):

customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)

aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body $customer_name_pub_value --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="[email protected]",Key=Service,Value="sftp"' --role customer-sftp-role

Below is the ERROR which I am facing while executing the above commands:

[developer@dev-lin demo]$ aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body $customer_name_pub_value --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="[email protected]",Key=Service,Value="sftp"' --role customer-sftp-role
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:

  aws help
  aws <command> help
  aws <command> <subcommand> help

Unknown options: [email protected], XXXXXXXXXXAB3NzaC1yc2EAAAADAQABAAABAQCm2hI3Y33K1GVbdQV0lfkm/klZRJS7Kcz8+53e/BoIbVMFH0jqm1aejELDFgPnN7HvIZ/csYGzF/ssTx5lXVaHQh/qkYwfqQBg8WvXVB0Jmogj1hr6z5M8Qy/3oCx0fSmh6e/Ekfk8vHhiHQlGZV3o8a2AW5SkP8IH/OgT6Bq+SMuB+xtSciVBZqSLI0OgYtOZ0MyxBzfLau1Tyegu5lVFevZDVjecnIaS4l+v2VIQ/OgaZ40oAI3NuRZ2EdnLqEqFyLjasx4kcuwNzD5oaXAU6T9UsqKN2rVLMKrXXXXXXXXXXX

Am I missing something in bash syntax while passing the option value?

UPDATE 30-March-2020: As per the suggestions in the comments below, I have added the AWS role ARN to the command; now I am facing a different issue than before.

CODE:


customer_name='demo'
customer_name_pub_value=$(cat /home/developer/naman/dir/$customer_name.pub)


aws transfer create-user --user-name $customer_name --home-directory script-test/power-archive-ireland/$customer_name/ --server-id s-aaabbbccc --ssh-public-key-body "$customer_name_pub_value" --tags 'Key=Product,Value="demo",Key=Environment,Value=dev,Key=Contact,Value="[email protected]",Key=Service,Value="sftp"' --role "arn:aws:iam::8XXXXXXXXX2:role/customer-sftp-role"

ERROR



An error occurred (ValidationException) when calling the CreateUser operation: 1 validation error detected: Value 'script-test/power-archive-ireland/demo/' at 'homeDirectory' failed to satisfy constraint: Member must satisfy regular expression pattern: ^$|/.*

2
Maybe delete the trailing slash at the end of the home-directory? Also, I believe you want to pass the ARN to --role? - user1394
Another possibility is the format of the --tags as a list (perhaps take them out of quotes, mess with that) - user1394
An easy way to debug this type of thing is to put "echo" at the front, so it simply prints the command, rather than running it. You can then verify that all the data is being correctly referenced. Since the error message is referencing data that wasn't in your command, it's likely coming from the $variables. - John Rotenstein
@user1394 I have tried removing the trailing / from the home directory, but it is still the same issue: "An error occurred (ValidationException) when calling the CreateUser operation: 1 validation error detected: Value 'demo.ui/demo-test/ui-dl-power-archive-ireland/customer' at 'homeDirectory' failed to satisfy constraint: Member must satisfy regular expression pattern: ^$|/.*" And thanks for the Role ARN correction, I have updated the role ARN. - Naman Joshi
@JohnRotenstein Thanks for the suggestion. I have tried breaking it down as much as possible but couldn't find the cause of the ERROR. I have also updated the ERROR stack; have a look if you can find something. - Naman Joshi

2 Answers

0
votes

Yes, for the final bug, you should feed it as a list of objects:

--tags [{Key="Product", Value="demo"}, {Key="Environment", Value="dev"}, {Key="Contact", Value="[email protected]"}, {Key="Service", Value="sftp"}]

You may need to put "Key" and "Value" in quotes or even perhaps have to try key:value pairs (i.e. {"Product": "demo"}), but this should be the general syntax.

0
votes

Below is the final working CLI command:

Changes

  1. Added ROLE ARN (Thanks @user1394 for the suggestion)

  2. Biggest issue resolved by placing / before --home-directory option (bad AWS documentation (https://docs.aws.amazon.com/cli/latest/reference/transfer/create-user.html) and their out-dated RegEx ^$|/.*)

  3. Transform the broken CLI into JSON based CLI to fix the final bug (not all the tags were able to attach in old command)

#!/bin/bash

customer_name='demo'
# Read the whole public key line (key type, key body, comment) from the file.
customer_name_pub_value=$(cat "/home/developer/naman/dir/$customer_name.pub")

# Every expansion is quoted so the shell passes each value as one argument.
# --home-directory starts with "/" and --tags is passed as a JSON list.
aws transfer create-user \
        --user-name "$customer_name" \
        --server-id s-aaabbbccc \
        --role "arn:aws:iam::8XXXXXXXXX2:role/customer-sftp-role" \
        --ssh-public-key-body "$customer_name_pub_value" \
        --home-directory "/script-test/power-archive-ireland/$customer_name" \
        --tags '[
                {"Key": "Product", "Value": "demo"},
                {"Key": "Environment", "Value": "dev"},
                {"Key": "Contact", "Value": "[email protected]"},
                {"Key": "Service", "Value": "sftp"}
        ]'
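
The two failures in this thread, reproduced offline as an added example (not code from the original posts): the unquoted key variable being word-split into extra arguments, and the `homeDirectory` pattern `^$|/.*` rejecting a path without a leading slash. The sample key is constructed, the function names are hypothetical, and the user-name character set is this example's own conservative policy rather than the service's rule; no AWS call is made.

```shell
#!/bin/sh
# Constructed sample key line: key type, key body, comment.
sample_pub_key='ssh-rsa AAAAB3NzaC1yc2EXAMPLEKEYDATA developer@dev-lin'

# Report how many arguments a command would actually receive.
count_args() { echo "$#"; }

# Unquoted: the shell splits the key into three words, so the key body and
# comment arrive as stray arguments (the "Unknown options" in the question).
unquoted_count() {
    # shellcheck disable=SC2086  # intentional, demonstrates the bug
    count_args --ssh-public-key-body $sample_pub_key
}

# Quoted: the whole key line stays one argument after the option name.
quoted_count() {
    count_args --ssh-public-key-body "$sample_pub_key"
}

# Mirror the API constraint from the error message (^$|/.*):
# the value must be empty or begin with "/".
valid_home_dir() {
    case "$1" in
        ''|/*) return 0 ;;
        *)     return 1 ;;
    esac
}

# Assumption: allow only letters, digits, "_" and "-" so the name cannot
# add path segments such as "../" to the home directory.
valid_user_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
        *)                   return 0 ;;
    esac
}

# Build the home directory for a user, failing before any AWS call is made.
home_dir_for() {
    valid_user_name "$1" || { echo "bad user name: $1" >&2; return 1; }
    dir="/script-test/power-archive-ireland/$1"
    valid_home_dir "$dir" || return 1
    printf '%s\n' "$dir"
}
```

Running checks like these before `aws transfer create-user` turns a confusing CLI usage error or a server-side ValidationException into a local failure with a clear cause.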