Everyone has a backup script that takes a tarball/zipfile/etc and uploads it somewhere for safe-keeping. In a lot of places where I’ve worked, the “somewhere” winds up being an Amazon S3 bucket (or lately a DigitalOcean Space). These scripts are lovingly crafted and sometimes quite clever, using the aws cli or s3cmd, or something custom.
What I wanted was to encode my process for encrypting a backup and sending that backup to an S3 bucket....
Sam Newman recently published a very interesting blog entry on using fabric to apply puppet scripts on remote machines. He left the provision_using_boto() method as an exercise to the reader. That just sounded tempting enough to be a challenge since I hadn't gotten around to looking at boto. You can find the result of my attempt on GitHub. To be precise aws.py implements the provisioning using boto and fabfile.py drives fabric and puppet....
It is now possible to invalidate objects (files) in AWS CloudFront distributions. Handy when someone, like me, occasionally publishes files with the wrong content type. Here is how I implement this invalidation in python....