AWS CLI

From wikieduonline
Jump to navigation Jump to search

AWS Command Line Tool (CLI)

AWS CLI is available in GitHub: https://github.com/aws/aws-cli/releases.

Installation

  • Linux, execute apt-get -y install awscli and configure it[1] use aws configure and check configuration using aws configure list.
  • macOS, execute: brew install awscli

AWS CLI configuration

First you will need to configure your AWS CLI access: aws configure or aws configure --profile your-new-profile-name. You will be prompted to enter a username and password. Configuration will be saved in directory $HOME/.aws/ in files credentials and config.


Execute aws configure list to view your actual configuration. If you execute for the first time will be something like:

 aws configure list
     Name                    Value             Type    Location
     ----                    -----             ----    --------
  profile                <not set>             None    None
  access_key             <not set>             None    None
  secret_key             <not set>             None    None
  region                 <not set>             None    None

Basic AWS EC2 commands [2]

Before starting to use AWS CLI you will need to configure IAM policies for your user.

  • Get a list of EC2 instances:
aws ec2 describe-instances
  • Get a list of EC2 instances and filter Name, Id and Status:
aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'
  • Create or run an instance
aws ec2 run-instances [3]
  • Start an EC2 instance:
aws ec2 start-instances --instance-ids i-08cf893bbcfd7dc46 (Use your own instance-id)
  • Stop an EC2 instance:
aws ec2 stop-instances --instance-ids i-08cf893bbcfd7dc46 (Use your own instance-id)
  • Show Relational Database Service (RDS) instances:
aws rds describe-db-instances
  • Query and display EC2 metadata: ec2metadata [4] (Distributed in cloud-guest-utils package at least in Debian)

Basic AWS S3 commands

  • List your buckets: aws s3api list-buckets
  • List your buckets in all regions:
for region_name in ap-south-1 eu-west-3 eu-west-2 eu-west-1 ap-northeast-2 ap-northeast-1 sa-east-1 ca-central-1 ap-southeast-1 ap-southeast-2 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2; do 
   aws s3api list-buckets --region $region_name
done
If you do not have permisssions you will get the following error:
An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
  • aws s3 ls your_bucket_name
  • aws --profile your_profile_name s3 ls your_bucket_name (You can also use a profile to define your credentials)
  • aws s3 cp[5]
  • Size of a Bucket: aws s3 ls --summarize --human-readable --recursive s3://bucket-name/ [6]

Basic AWS IAM commands

  • aws iam list-users
If you do not have permisssions you will get the following error:
An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910341356:user/
  • aws iam list-user-policies --user-name USERNAME


Basic AWS Security commands

  • Authorizing Inbond Traffic from anywhere to TCO port 80[7]
aws ec2 describe-instance-attribute --instance-id YOUR_INSTANCE_ID --attribute groupSet
aws ec2 authorize-security-group-ingress --group-id YOUR_GROUP_ID --protocol tcp --port 80 --cidr 0.0.0.0/0

Basic AWS ECS commands

  • aws ecs list-clusters

Basic AWS Config service commands

  • aws configservice get-status


Networking

See Also

  • https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
  • https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
  • https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
  • https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html
  • https://serverfault.com/a/721197
  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html
  • Advertising: