S3 Credentials Versions Save

• Fixed documentation bug. s3-credentials.readthedocs.io should now show the most recent stable release documentation.

• New command: s3-credentials debug-bucket bucket-name. #86
• Fixed bug where calling s3-credentials create bucket-name --create-bucket --public did not make the contents of the bucket available to the public. #88
• s3-credentials list-bucket bucket-name --urls option. #89

• New s3-credentials delete-objects command (docs) for deleting one or more keys from the specified bucket. #83

• s3-credentials put-objects command (docs) for uploading more than one file or directory to an S3 bucket at a time. #68
• s3-credentials get-objects command (docs) for downloading multiple files from an S3 bucket. #78

• Documentation now lives on a dedicated documentation website: https://s3-credentials.readthedocs.io/ #71
• s3-credentials create ... --website --create-bucket now creates an S3 bucket that is configured to act as a website, with index.html an the index page and error.html as the page used for any errors. #21
• s3-credentials list-buckets --details now returns the bucket region and the URL to the website, if it is configured to act as a website. #77
• Fixed a bug where list-bucket would return an error if the bucket (or specified --prefix) was empty. #76

• Using the --policy or --statement options now implies --user-permissions-boundary=none. Previously it was easy to use these options to accidentally create credentials that did not work as expected since they would have a default permissions boundary that locked them down to only being able to access S3. #74
• The s3-credentials.AmazonS3FullAccess role created by this tool in order to issue temporary credentials previously used the default MaxSessionDuration value of 3600, preventing it from creating credentials that could last more than an hour. This has been increased to 12 hours. See this issue comment for instructions on fixing your existing role if this bug is affecting your account. #75

• New --statement JSON option for both the s3-credentials create and s3-credentials policy commands, allowing one or more additional policy statements (provided as JSON strings) to be added to the generated IAM policy. #72

• New set-cors-policy and get-cors-policy for altering the CORS policy for a bucket, documented here. #47
• Each command now shows example usage in --help. #67
• New documentation page listing the --help for every command.

• New list-roles command for listing roles configured for your AWS account. #61

See Weeknotes: s3-credentials prefix and Datasette 0.60 for extra background on these new features.

• New --prefix myprefix/ option to s3-credentials create, which configures the credentials to only allow access to keys within the S3 bucket that start with the provided prefix. #12
• s3-credentials policy --prefix myprefix/ command for generating and outputting a JSON policy that is restricted to the specified prefix. You can see examples in the README.
• New list-bucket command for listing the contents of a specified bucket. #28
• The list-users, list-buckets and list-bucket command all default to outputting an indented JSON array - previously the outputted indented JSON objects separated by newlines. The --nl option can be used to return newline-delimited single line JSON objects. The new --csv and --tsv options can be used to return CSV or TSV output. #48