Difference between revisions of "AWS CLI"

From wikieduonline
Jump to navigation Jump to search
 
(66 intermediate revisions by 3 users not shown)
Line 1: Line 1:
  
== AWS Command Line Tool (CLI) ==
+
AWS CLI is available in  
AWS CLI is available in GitHub: https://github.com/aws/aws-cli/releases.
+
* [[GitHub]]: https://github.com/aws/aws-cli/tags
 +
* [[ecr.aws]]: https://gallery.ecr.aws/aws-cli/aws-cli
  
=== Installation ===
+
== [[AWS cli Installation]] ==
Execute <code>apt-get -y install awscli</code> and configure it<ref>https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html</ref> use <code>aws configure</code> and check configuration using <code>aws configure list</code>.
 
  
=== AWS CLI configuration ===
+
== AWS CLI configuration ==
First you will need to configure your AWS CLI access: <code>aws configure</code> or <code>aws configure --profile your-new-profile-name</code>.
+
First you will need to configure your AWS CLI access: <code>[[aws configure]]</code> or <code>[[aws configure --profile]] your-new-profile-name</code>.
 
You will be prompted to enter a username and password.
 
You will be prompted to enter a username and password.
 
Configuration will be saved in directory <code>$HOME/.aws/</code> in files <code>credentials</code> and <code>config</code>.
 
Configuration will be saved in directory <code>$HOME/.aws/</code> in files <code>credentials</code> and <code>config</code>.
  
  
Execute <code>aws configure list</code> to view your actual configuration. If you execute for the first time will be something like:
+
Execute <code>[[aws configure list]]</code> to view your actual configuration. If you execute for the first time will be something like:
<pre>
+
 
# aws configure list
+
  [[aws configure list]]
 
       Name                    Value            Type    Location
 
       Name                    Value            Type    Location
 
       ----                    -----            ----    --------
 
       ----                    -----            ----    --------
 
   profile                <not set>            None    None
 
   profile                <not set>            None    None
access_key               <not set>            None    None
+
  access_key             <not set>            None    None
secret_key               <not set>            None    None
+
  secret_key             <not set>            None    None
    region               <not set>            None    None
+
  region                 <not set>            None    None
</pre>
+
 
 +
If you have multiple profiles defined you can list them:
 +
* <code>[[aws configure list-profiles]]</code>
 +
 
 +
=== Configuration files ===
 +
* <code>[[~/.aws/config]]</code>
 +
* <code>[[~/.aws/credentials]]</code>
 +
* <code>[[~/.aws/cli/alias]]</code>
  
=== Basic AWS EC2 commands <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html</ref> ===
+
== Basic [[AWS EC2]] commands <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html</ref> ==
 
Before starting to use AWS CLI you will need to configure IAM policies for your user.
 
Before starting to use AWS CLI you will need to configure IAM policies for your user.
  
 
* Get a list of EC2 instances:  
 
* Get a list of EC2 instances:  
:<code>aws ec2 describe-instances</code>
+
:<code>[[aws ec2 describe-instances]]</code>
 
* Get a list of EC2 instances and filter Name, Id and Status:  
 
* Get a list of EC2 instances and filter Name, Id and Status:  
 
:<code>aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'</code>  
 
:<code>aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'</code>  
  
 
* Create or run an instance
 
* Create or run an instance
:<code>aws ec2 run-instances</code> <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html</ref>
+
:<code>[[aws ec2 run-instances]]</code> <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html</ref>
  
 
* Start an EC2 instance:
 
* Start an EC2 instance:
Line 53: Line 60:
 
</pre>
 
</pre>
  
* <code>aws s3 ls</code>
+
* <code>[[aws s3 ls]]</code>
 
:If you do not have permisssions you will get the following error:
 
:If you do not have permisssions you will get the following error:
 
::An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
 
::An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
  
 
* <code>aws s3 ls your_bucket_name</code>
 
* <code>aws s3 ls your_bucket_name</code>
* <code>aws --profile your_profile_name s3 ls your_bucket_name</code> (You can also use a profile to define your credentials)
+
* <code>[[aws --profile]] your_profile_name s3 ls your_bucket_name</code> (You can also use a profile to define your credentials)
* <code>aws s3 cp</code><ref>https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html</ref>
+
* <code>[[aws s3 cp]]</code><ref>https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html</ref>
 
* Size of a ''Bucket'': <code>aws s3 ls --summarize --human-readable --recursive s3://bucket-name/</code> <ref>https://serverfault.com/a/721197</ref>
 
* Size of a ''Bucket'': <code>aws s3 ls --summarize --human-readable --recursive s3://bucket-name/</code> <ref>https://serverfault.com/a/721197</ref>
  
Line 65: Line 72:
 
* <code>aws iam list-users</code>
 
* <code>aws iam list-users</code>
 
:If you do not have permisssions you will get the following error:
 
:If you do not have permisssions you will get the following error:
::An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910341356:user/
+
::[[An error occurred (AccessDenied)]] when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910241356:user/
 
* <code>aws iam list-user-policies --user-name USERNAME</code>
 
* <code>aws iam list-user-policies --user-name USERNAME</code>
 
  
 
=== Basic AWS Security commands ===
 
=== Basic AWS Security commands ===
Line 75: Line 81:
  
 
=== Basic AWS ECS commands ===
 
=== Basic AWS ECS commands ===
* <code>aws ecs list-clusters</code>
+
* <code>[[aws ecs list-clusters]]</code>
  
=== Basic AWS Config service commands ===
+
=== Basic [[AWS Config]] service commands ===
 
* <code>aws configservice get-status</code>
 
* <code>aws configservice get-status</code>
  
==See Also ==
+
 
* [[DevOps/Ansible/manage AWS infrastructure using Ansible]]
+
* <code>[[aws ssm-incidents]]</code>
* ''[[aliyun]]'' [[Alibaba Cloud Computing]] CLI
+
 
 +
== Networking ==
 +
* <code>[[aws ec2 describe-subnets]]</code>
 +
 
 +
== Related terms ==
 +
* <code>[[google-cloud-sdk]]</code> and <code>[[gcloud]]</code>
 +
* <code>[[sam]]</code>
 +
* <code>[[eksctl]]</code>, official AWS cli to manage [[EKS]] clusters
 +
* [[Boto]] python library
 +
* <code>[[aws sts get-caller-identity]]</code>
 +
* <code>[[suaws]]</code>
 +
* [[auto-prompt]]
 +
* <code>[[AWS_PROFILE]], [[AWS_CLI_AUTO_PROMPT]]</code>
 +
* <code>[[aws list all]]</code>
 +
* [[AWS Management Console]]
 +
* [[aws-encryption-cli]]
 +
* [[AWS functions]]
 +
 
 +
== See Also ==
 +
* {{aws cli config}}
 +
* {{aws cli}}
 +
* {{AWS IaC}}
 
* {{Cloud CLIs}}
 
* {{Cloud CLIs}}
* {{AWS}}
+
 
* [[IBM Cloud]]: (IBM Cloud Cli)
 
  
 
[[Category:Computing]]
 
[[Category:Computing]]
[[Category:Internet]]
+
[[Category:AWS]]

Latest revision as of 02:43, 6 June 2024

AWS CLI is available in

AWS cli Installation[edit]

AWS CLI configuration[edit]

First you will need to configure your AWS CLI access: aws configure or aws configure --profile your-new-profile-name. You will be prompted to enter a username and password. Configuration will be saved in directory $HOME/.aws/ in files credentials and config.


Execute aws configure list to view your actual configuration. If you execute for the first time will be something like:

 aws configure list
     Name                    Value             Type    Location
     ----                    -----             ----    --------
  profile                <not set>             None    None
  access_key             <not set>             None    None
  secret_key             <not set>             None    None
  region                 <not set>             None    None

If you have multiple profiles defined you can list them:

Configuration files[edit]

Basic AWS EC2 commands [1][edit]

Before starting to use AWS CLI you will need to configure IAM policies for your user.

  • Get a list of EC2 instances:
aws ec2 describe-instances
  • Get a list of EC2 instances and filter Name, Id and Status:
aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'
  • Create or run an instance
aws ec2 run-instances [2]
  • Start an EC2 instance:
aws ec2 start-instances --instance-ids i-08cf893bbcfd7dc46 (Use your own instance-id)
  • Stop an EC2 instance:
aws ec2 stop-instances --instance-ids i-08cf893bbcfd7dc46 (Use your own instance-id)
  • Show Relational Database Service (RDS) instances:
aws rds describe-db-instances
  • Query and display EC2 metadata: ec2metadata [3] (Distributed in cloud-guest-utils package at least in Debian)

Basic AWS S3 commands[edit]

  • List your buckets: aws s3api list-buckets
  • List your buckets in all regions:
for region_name in ap-south-1 eu-west-3 eu-west-2 eu-west-1 ap-northeast-2 ap-northeast-1 sa-east-1 ca-central-1 ap-southeast-1 ap-southeast-2 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2; do 
   aws s3api list-buckets --region $region_name
done
If you do not have permisssions you will get the following error:
An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
  • aws s3 ls your_bucket_name
  • aws --profile your_profile_name s3 ls your_bucket_name (You can also use a profile to define your credentials)
  • aws s3 cp[4]
  • Size of a Bucket: aws s3 ls --summarize --human-readable --recursive s3://bucket-name/ [5]

Basic AWS IAM commands[edit]

  • aws iam list-users
If you do not have permisssions you will get the following error:
An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910241356:user/
  • aws iam list-user-policies --user-name USERNAME

Basic AWS Security commands[edit]

  • Authorizing Inbond Traffic from anywhere to TCO port 80[6]
aws ec2 describe-instance-attribute --instance-id YOUR_INSTANCE_ID --attribute groupSet
aws ec2 authorize-security-group-ingress --group-id YOUR_GROUP_ID --protocol tcp --port 80 --cidr 0.0.0.0/0

Basic AWS ECS commands[edit]

Basic AWS Config service commands[edit]

  • aws configservice get-status


Networking[edit]

Related terms[edit]

See Also[edit]

  • https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
  • https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
  • https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html
  • https://serverfault.com/a/721197
  • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html
  • Advertising: