Use the AWS CLI with Backblaze B2
- Print
- DarkLight
Use the AWS CLI with Backblaze B2
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Backblaze B2 Cloud Storage has S3 endpoints that you can use in conjunction with the AWS Command Line Interface (CLI) to communicate with and update your Backblaze B2 buckets. After configuration, you can use this tool to transfer data between an S3 bucket and Backblaze B2.
Enable Backblaze B2
Before you begin: You must have a Backblaze B2 Cloud Storage account. If you already have a Backblaze account and the left navigation menu contains a B2 Cloud Storage section, your account is already enabled for Backblaze B2.
- Sign in to the Backblaze web console.
- In the user menu in the upper-right corner of the page, select My Settings.
- Under Enabled Products, select the checkbox to enable B2 Cloud Storage.
- Review the Terms and Conditions, and click OK to accept them.
Create an Application Key
- Sign in to the Backblaze web console.
- In the left navigation menu under B2 Cloud Storage, click Application Keys.
- Click Add a New Application Key, and enter an app key name.
You cannot search an app key by this name; therefore, app key names are not required to be globally unique. Key names are limited to 100 characters and can contain letters, numbers, and "-", but not I18N characters, such as é, à, and ü. - Select All or select a specific bucket in the Allow Access to Bucket(s) menu.
- Optionally, select your access type (Read and Write, Read Only, or Write Only).
- Optionally, select Allow List All Bucket Names.
This option is required for the B2 Native API b2_list_buckets and the S3-Compatible API S3 List Buckets operations. - Optionally, enter a file name prefix to restrict application key access only to files with that prefix.
Depending on what you selected in step #4, this limits application key access to files with the specified prefix for all buckets or just the selected bucket. - Optionally, enter a positive integer to limit the time, in seconds, before the application key expires.
The value must be less than 1000 days (in seconds). - Click Create New Key, and note the resulting keyID and applicationKey values.
Note
When you create a new app key, the response contains the actual key string, for example N2Zug0evLcHDlh_L0Z0AJhiGGdY. You can always find the keyID on this page, but for security, the applicationKey appears only once. Make sure you copy and securely save this value elsewhere.
Configure the AWS CLI to Interface With Backblaze B2
Before you begin: Install the AWS CLI. Use the command aws --version to verify that the CLI is installed.
- Use the command
aws configureto begin the configuration process.
You are prompted for several pieces of information that you can find in the App Key section of your Backblaze account. - When AWS prompts you for your AWS Access Key ID, provide your Backblaze
keyID. - When AWS prompts you for your AWS Secret Access Key, provide your Backblaze
applicationKey.NoteYour master application key will not work with the Backblaze S3 Compatible API. You must create a new key that is eligible for use. For more information, see this article. - Leave the Default region name and Default output format fields blank.
- Test the integration by entering the following command to list the buckets in your account:
aws s3 ls --endpoint-url=<S3 Endpoint URL>, for example:% aws s3 ls --endpoint-url=https://s3.us-west-000.backblazeb2.com 2023-07-13 13:10:45 S3-SEDemo 2023-07-13 16:23:52 Storagecraft-SETest 2023-07-13 19:50:20 Terraform-SETest 2023-07-13 14:55:06 Venera-SETest
Use the AWS CLI to Transfer Data to Backblaze B2
Before you begin: If your data comes from an AWS S3 bucket, add your S3 buckets using the configuration tool.
- Copy files to a local directory using the following command:
aws s3 cp s3://<source_bucket>/ <local_directory> --recursive - Transfer files directly to Backblaze B2 using the following command:
aws s3 cp <local_directory>/ s3://<destination_bucket>/ --recursive --endpoint-url=<S3 Endpoint URL>
Create Pre-Signed URLs from the AWS CLI
You can use the AWS CLI to create a pre-signed URL for sharing an object from a bucket.
Enter the following command to generate a pre-signed URL on a file in a bucket that expires in 3,600 seconds (the default value):
aws s3 presign s3://presignTest/downloadTest.txt --endpoint-url=https://s3.us-west-004.backblazeb2.com/A pre-signed URL is returned:
https://s3.us-west-004.backblazeb2.com/presignTest/downloadTest.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=00445156677e7df0000000007%2F20231018%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231018T171903Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=78c2d001f4a35a41605ec5b5c3714f47a370be8c5657c22ea3ab36746519afb5Pre-Signed URL Example Usage
Note
Depending on how you use the pre-signed URL, you may need to enclose it in quotes.
- Use a pre-signed URL to get the contents of a file:
Example output:curl "https://s3.us-west-004.backblazeb2.com/presignTest/downloadTest.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=00445156677e7df0000000007%2F20231018%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231018T171903Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=78c2d001f4a35a41605ec5b5c3714f47a370be8c5657c22ea3ab36746519afb5"This is a test!% - Use a pre-signed URL to save the contents of a file locally (the local file in this example is named “dlTest.txt”):
curl "https://s3.us-west-004.backblazeb2.com/presignTest/downloadTest.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=00445156677e7df0000000007%2F20231018%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231018T171903Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=78c2d001f4a35a41605ec5b5c3714f47a370be8c5657c22ea3ab36746519afb5" --output dlTest.txt
Note
Uploads are possible using pre-signed URLs but they must be generated with one of our S3 Compatible SDKs.
Was this article helpful?