Download from s3 via url

Question

I am writing a powershell script to download a file from an s3 url. I keep getting a (403) Forbidden error. The command i use is

Invoke-WebRequest -Uri "http://bucketname.s3.amazonaws.com/file.txt"

The EC2 instance has an IAM role associated with it that has access to download from the s3 bucket. I am able to run commands (cp, ls, etc.) with the aws cli successfully. Is this an issue with the credentials I am passing with the request? Do I need to pass AWS credentials with this request?

I believe S3 uses `https`, not `http`. – wOxxOm Sep 14 '16 at 20:35 — wOxxOm, Sep 14 '16 at 20:35
I did correct this thanks! – Preston Martin Sep 16 '16 at 13:49 — Preston Martin, Sep 16 '16 at 13:49

score 3 · Accepted Answer · answered Sep 14 '16 at 20:46

When you use the Invoke-WebRequest cmdlet the way you are, you are not passing credentials to S3. So even though you're on an EC2 instance authorized to download the file, Amazon S3 does not know it.

When using the AWS CLI, it sends the credentials along with the request.

You have a few options:

Make the file public in S3. This would allow your cmdlet to work as-is. But then anyone would be able to download it.
Use the AWS SDK to download the file instead. As you mentioned, it's working fine.
Use the AWS SDK to generate a pre-signed URL, then you can use Invoke-WebRequest with that pre-signed URL to download the file.
Send credentials with your Invoke-WebRequest call. I would not recommend this because you're just reinventing the wheel.

Download from s3 via url

1 Answers1

Linked