Difference between revisions of "AWS CLI"
Jump to navigation
Jump to search
↑ https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
↑ https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
↑ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
↑ https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html
↑ https://serverfault.com/a/721197
↑ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html
(66 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | + | AWS CLI is available in | |
− | AWS CLI is available in GitHub: https://github.com/aws/aws-cli/ | + | * [[GitHub]]: https://github.com/aws/aws-cli/tags |
+ | * [[ecr.aws]]: https://gallery.ecr.aws/aws-cli/aws-cli | ||
− | == | + | == [[AWS cli Installation]] == |
− | |||
− | + | == AWS CLI configuration == | |
− | First you will need to configure your AWS CLI access: <code>aws configure</code> or <code>aws configure --profile your-new-profile-name</code>. | + | First you will need to configure your AWS CLI access: <code>[[aws configure]]</code> or <code>[[aws configure --profile]] your-new-profile-name</code>. |
You will be prompted to enter a username and password. | You will be prompted to enter a username and password. | ||
Configuration will be saved in directory <code>$HOME/.aws/</code> in files <code>credentials</code> and <code>config</code>. | Configuration will be saved in directory <code>$HOME/.aws/</code> in files <code>credentials</code> and <code>config</code>. | ||
− | Execute <code>aws configure list</code> to view your actual configuration. If you execute for the first time will be something like: | + | Execute <code>[[aws configure list]]</code> to view your actual configuration. If you execute for the first time will be something like: |
− | + | ||
− | + | [[aws configure list]] | |
Name Value Type Location | Name Value Type Location | ||
---- ----- ---- -------- | ---- ----- ---- -------- | ||
profile <not set> None None | profile <not set> None None | ||
− | access_key | + | access_key <not set> None None |
− | secret_key | + | secret_key <not set> None None |
− | + | region <not set> None None | |
− | </ | + | |
+ | If you have multiple profiles defined you can list them: | ||
+ | * <code>[[aws configure list-profiles]]</code> | ||
+ | |||
+ | === Configuration files === | ||
+ | * <code>[[~/.aws/config]]</code> | ||
+ | * <code>[[~/.aws/credentials]]</code> | ||
+ | * <code>[[~/.aws/cli/alias]]</code> | ||
− | + | == Basic [[AWS EC2]] commands <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html</ref> == | |
Before starting to use AWS CLI you will need to configure IAM policies for your user. | Before starting to use AWS CLI you will need to configure IAM policies for your user. | ||
* Get a list of EC2 instances: | * Get a list of EC2 instances: | ||
− | :<code>aws ec2 describe-instances</code> | + | :<code>[[aws ec2 describe-instances]]</code> |
* Get a list of EC2 instances and filter Name, Id and Status: | * Get a list of EC2 instances and filter Name, Id and Status: | ||
:<code>aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'</code> | :<code>aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'</code> | ||
* Create or run an instance | * Create or run an instance | ||
− | :<code>aws ec2 run-instances</code> <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html</ref> | + | :<code>[[aws ec2 run-instances]]</code> <ref>https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html</ref> |
* Start an EC2 instance: | * Start an EC2 instance: | ||
Line 53: | Line 60: | ||
</pre> | </pre> | ||
− | * <code>aws s3 ls</code> | + | * <code>[[aws s3 ls]]</code> |
:If you do not have permisssions you will get the following error: | :If you do not have permisssions you will get the following error: | ||
::An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied | ::An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied | ||
* <code>aws s3 ls your_bucket_name</code> | * <code>aws s3 ls your_bucket_name</code> | ||
− | * <code>aws --profile your_profile_name s3 ls your_bucket_name</code> (You can also use a profile to define your credentials) | + | * <code>[[aws --profile]] your_profile_name s3 ls your_bucket_name</code> (You can also use a profile to define your credentials) |
− | * <code>aws s3 cp</code><ref>https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html</ref> | + | * <code>[[aws s3 cp]]</code><ref>https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html</ref> |
* Size of a ''Bucket'': <code>aws s3 ls --summarize --human-readable --recursive s3://bucket-name/</code> <ref>https://serverfault.com/a/721197</ref> | * Size of a ''Bucket'': <code>aws s3 ls --summarize --human-readable --recursive s3://bucket-name/</code> <ref>https://serverfault.com/a/721197</ref> | ||
Line 65: | Line 72: | ||
* <code>aws iam list-users</code> | * <code>aws iam list-users</code> | ||
:If you do not have permisssions you will get the following error: | :If you do not have permisssions you will get the following error: | ||
− | ::An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam:: | + | ::[[An error occurred (AccessDenied)]] when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910241356:user/ |
* <code>aws iam list-user-policies --user-name USERNAME</code> | * <code>aws iam list-user-policies --user-name USERNAME</code> | ||
− | |||
=== Basic AWS Security commands === | === Basic AWS Security commands === | ||
Line 75: | Line 81: | ||
=== Basic AWS ECS commands === | === Basic AWS ECS commands === | ||
− | * <code>aws ecs list-clusters</code> | + | * <code>[[aws ecs list-clusters]]</code> |
− | === Basic AWS Config service commands === | + | === Basic [[AWS Config]] service commands === |
* <code>aws configservice get-status</code> | * <code>aws configservice get-status</code> | ||
− | == | + | |
− | * [[ | + | * <code>[[aws ssm-incidents]]</code> |
− | * | + | |
+ | == Networking == | ||
+ | * <code>[[aws ec2 describe-subnets]]</code> | ||
+ | |||
+ | == Related terms == | ||
+ | * <code>[[google-cloud-sdk]]</code> and <code>[[gcloud]]</code> | ||
+ | * <code>[[sam]]</code> | ||
+ | * <code>[[eksctl]]</code>, official AWS cli to manage [[EKS]] clusters | ||
+ | * [[Boto]] python library | ||
+ | * <code>[[aws sts get-caller-identity]]</code> | ||
+ | * <code>[[suaws]]</code> | ||
+ | * [[auto-prompt]] | ||
+ | * <code>[[AWS_PROFILE]], [[AWS_CLI_AUTO_PROMPT]]</code> | ||
+ | * <code>[[aws list all]]</code> | ||
+ | * [[AWS Management Console]] | ||
+ | * [[aws-encryption-cli]] | ||
+ | * [[AWS functions]] | ||
+ | |||
+ | == See Also == | ||
+ | * {{aws cli config}} | ||
+ | * {{aws cli}} | ||
+ | * {{AWS IaC}} | ||
* {{Cloud CLIs}} | * {{Cloud CLIs}} | ||
− | + | ||
− | |||
[[Category:Computing]] | [[Category:Computing]] | ||
− | [[Category: | + | [[Category:AWS]] |
Latest revision as of 02:43, 6 June 2024
AWS CLI is available in
Contents
AWS cli Installation[edit]
AWS CLI configuration[edit]
First you will need to configure your AWS CLI access: aws configure
or aws configure --profile your-new-profile-name
.
You will be prompted to enter a username and password.
Configuration will be saved in directory $HOME/.aws/
in files credentials
and config
.
Execute aws configure list
to view your actual configuration. If you execute for the first time will be something like:
aws configure list Name Value Type Location ---- ----- ---- -------- profile <not set> None None access_key <not set> None None secret_key <not set> None None region <not set> None None
If you have multiple profiles defined you can list them:
Configuration files[edit]
Basic AWS EC2 commands [1][edit]
Before starting to use AWS CLI you will need to configure IAM policies for your user.
- Get a list of EC2 instances:
- Get a list of EC2 instances and filter Name, Id and Status:
aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'
- Create or run an instance
- Start an EC2 instance:
aws ec2 start-instances --instance-ids i-08cf893bbcfd7dc46
(Use your own instance-id)
- Stop an EC2 instance:
aws ec2 stop-instances --instance-ids i-08cf893bbcfd7dc46
(Use your own instance-id)
- Show Relational Database Service (RDS) instances:
aws rds describe-db-instances
- Query and display EC2 metadata:
ec2metadata
[3] (Distributed incloud-guest-utils
package at least in Debian)
Basic AWS S3 commands[edit]
- List your buckets:
aws s3api list-buckets
- List your buckets in all regions:
for region_name in ap-south-1 eu-west-3 eu-west-2 eu-west-1 ap-northeast-2 ap-northeast-1 sa-east-1 ca-central-1 ap-southeast-1 ap-southeast-2 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2; do aws s3api list-buckets --region $region_name done
- If you do not have permisssions you will get the following error:
- An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
aws s3 ls your_bucket_name
aws --profile your_profile_name s3 ls your_bucket_name
(You can also use a profile to define your credentials)aws s3 cp
[4]- Size of a Bucket:
aws s3 ls --summarize --human-readable --recursive s3://bucket-name/
[5]
Basic AWS IAM commands[edit]
aws iam list-users
- If you do not have permisssions you will get the following error:
- An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910241356:user/
aws iam list-user-policies --user-name USERNAME
Basic AWS Security commands[edit]
- Authorizing Inbond Traffic from anywhere to TCO port 80[6]
aws ec2 describe-instance-attribute --instance-id YOUR_INSTANCE_ID --attribute groupSet
aws ec2 authorize-security-group-ingress --group-id YOUR_GROUP_ID --protocol tcp --port 80 --cidr 0.0.0.0/0
Basic AWS ECS commands[edit]
Basic AWS Config service commands[edit]
aws configservice get-status
Networking[edit]
Related terms[edit]
google-cloud-sdk
andgcloud
sam
eksctl
, official AWS cli to manage EKS clusters- Boto python library
aws sts get-caller-identity
suaws
- auto-prompt
AWS_PROFILE, AWS_CLI_AUTO_PROMPT
aws list all
- AWS Management Console
- aws-encryption-cli
- AWS functions
See Also[edit]
- AWS CLI: environmental variables,
aws configure, ~/.aws/config
,~/.aws/credentials
,~/.aws/cli/alias, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
- AWS CLI,
aws
[configure
|iam
|ec2
|ecs
|eks
|s3
|rds
|sts
|cloudwatch
|cloudformation
|cloudfront
|eventbridge
|lambda
],aws configure list
,.aws/credentials
,.aws/config
,~/.aws/cli/alias
,--output [ table | json | text | XXX ]
, Aws cli environmental variables:AWS_PROFILE
,AWS_DEFAULT_REGION, AWS_REGION
,AWS_CLI_AUTO_PROMPT
,AWS_SESSION_TOKEN
,aws list all
,auto-prompt
,--version
,whoamiaws, --filters, --help
- AWS CLI, AWS Cloudformation, AWS CDK, Boto3
- Cloud CLIs: AWS CLI,
eksctl
,sam
,doctl
,gcloud, gsutil
,aliyun
,google-cloud-sdk
,ibmcloud
,cf, heroku
Advertising: