AWS CLI
Contents
AWS Command Line Tool (CLI)
AWS CLI is available in GitHub: https://github.com/aws/aws-cli/releases.
Installation
- Ubuntu, execute
apt-get -y install awscli
and configure it[1] useaws configure
and check configuration usingaws configure list
.
- Linux installation from Amazon:
apt install -y curl unzip curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install
pip install awscli
AWS CLI configuration
First you will need to configure your AWS CLI access: aws configure
or aws configure --profile your-new-profile-name
.
You will be prompted to enter a username and password.
Configuration will be saved in directory $HOME/.aws/
in files credentials
and config
.
Execute aws configure list
to view your actual configuration. If you execute for the first time will be something like:
aws configure list
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key <not set> None None
secret_key <not set> None None
region <not set> None None
If you have multiple profiles defined you can list them:
Basic AWS EC2 commands [2]
Before starting to use AWS CLI you will need to configure IAM policies for your user.
- Get a list of EC2 instances:
- Get a list of EC2 instances and filter Name, Id and Status:
aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'
- Create or run an instance
- Start an EC2 instance:
aws ec2 start-instances --instance-ids i-08cf893bbcfd7dc46
(Use your own instance-id)
- Stop an EC2 instance:
aws ec2 stop-instances --instance-ids i-08cf893bbcfd7dc46
(Use your own instance-id)
- Show Relational Database Service (RDS) instances:
aws rds describe-db-instances
- Query and display EC2 metadata:
ec2metadata
[4] (Distributed in cloud-guest-utils
package at least in Debian)
Basic AWS S3 commands
- List your buckets:
aws s3api list-buckets
- List your buckets in all regions:
for region_name in ap-south-1 eu-west-3 eu-west-2 eu-west-1 ap-northeast-2 ap-northeast-1 sa-east-1 ca-central-1 ap-southeast-1 ap-southeast-2 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2; do
aws s3api list-buckets --region $region_name
done
- If you do not have permisssions you will get the following error:
- An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
aws s3 ls your_bucket_name
aws --profile your_profile_name s3 ls your_bucket_name
(You can also use a profile to define your credentials)
aws s3 cp
[5]
- Size of a Bucket:
aws s3 ls --summarize --human-readable --recursive s3://bucket-name/
[6]
Basic AWS IAM commands
aws iam list-users
- If you do not have permisssions you will get the following error:
- An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910341356:user/
aws iam list-user-policies --user-name USERNAME
Basic AWS Security commands
- Authorizing Inbond Traffic from anywhere to TCO port 80[7]
aws ec2 describe-instance-attribute --instance-id YOUR_INSTANCE_ID --attribute groupSet
aws ec2 authorize-security-group-ingress --group-id YOUR_GROUP_ID --protocol tcp --port 80 --cidr 0.0.0.0/0
Basic AWS ECS commands
aws ecs list-clusters
Basic AWS Config service commands
aws configservice get-status
Networking
Related terms
google-cloud-sdk
and gcloud
sam
eksctl
, official AWS cli to manage EKS clusters
- Boto
aws sts get-caller-identity
suaws
See Also
- AWS CLI,
aws
[ configure
| iam
| ec2
| ecs
| eks
| s3
| rds
| sts
| cloudwatch
| cloudformation
| cloudfront
| eventbridge
| lambda
], aws configure list
, .aws/credentials
, .aws/config
, ~/.aws/cli/alias
, --output [ table | json | text | XXX ]
, Aws cli environmental variables: AWS_PROFILE
, AWS_DEFAULT_REGION, AWS_REGION
, AWS_CLI_AUTO_PROMPT
, AWS_SESSION_TOKEN
, aws list all
, auto-prompt
, --version
, whoamiaws, --filters, --help
- AWS EC2, Amazon EC2 API,
aws ec2, AWS::EC2
, Amazon EC2 Spot Instances, CPU credits, Instance type, EC2 limitations, 169.254.169.254, Instance metadata and user data (IMDS), InstanceType, InstanceId
, Amazon EC2 Auto Scaling, AWS EC2 Instance Connect, launch template, lifecycle, AWS Security group (SG), Amazon EC2 Recycle Bin, Amazon EC2 Mac Instances, Global View
- Cloud CLIs: AWS CLI,
eksctl
, sam
, doctl
, gcloud, gsutil
, aliyun
, google-cloud-sdk
, ibmcloud
, cf, heroku
- AWS, Amazon Managed Services, AWS Management & Governance, computing, security, networking, AWS compliance, AWS Outposts AWS Free Tier, AWS certifications, AWS Trusted Advisor, AWS Systems Manager, AWS Config, IAM Access Analyzer, AWS Cost Explorer, AWS Cost Management, AWS Budgets, AWS Organizations, AWS dev: (CodeStar, Cloud9), AWS Partner Network (APN), AWS Resource Access Manager, AWS Quick Starts, AWS Global Accelerator, AWS Elemental MediaStore, AWS Enterprise support, AWS support, AWS Professional Services Consultants, AWS Cloud Map, AWS Marketplace, AWS CLI, AWS Management Console, AWS acceptable use policy, amazonaws.com, Quotas, AWS Support plans, AWS Resource Explorer, AWS Managed Services (AMS), AWS savings, AWS Nitro System, AWS Activate, Serverless, AWS timeline
↑ https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
↑ https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
↑ https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
↑ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
↑ https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html
↑ https://serverfault.com/a/721197
↑ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html
Advertising: