Amazon Web Services/AWS Command Line Tool (CLI)

The AWS Command Line Interface, abbreviated as AWS CLI, is a unified tool to manage your AWS services. With AWS CLI, you can control multiple AWS services from the command line and automate them through scripts.

Installation and configuration

edit

Install on Linux:[1]

sudo apt-get -y install awscli

Check the installed awscli version (also to confirm the installation): aws --version

To configure your AWS CLI access: aws configure or aws configure --profile your-new-profile-name.

You will be prompted to enter a username and password. Configuration will be saved in directory $HOME/.aws/ in files credentials and config.

Execute aws configure list to view your actual configuration. If you execute for the first time will be something like:

# aws configure list
      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key                <not set>             None    None
secret_key                <not set>             None    None
    region                <not set>             None    None

AWS EC2 commands[2]

edit

Before starting to use AWS CLI, you will need to configure IAM policies for your user.

  • Get a list of EC2 instances:
aws ec2 describe-instances
  • Get a list of EC2 instances and filter Name, Id and Status:
aws ec2 describe-instances | egrep 'InstanceId|"Name":|"Value":|PublicIp'
  • Create or run an instance
aws ec2 run-instances [3]
  • Start an EC2 instance:
aws ec2 start-instances --instance-ids i-08cf893bbcfd7dc46 (Use your own instance-id)
  • Stop an EC2 instance:
aws ec2 stop-instances --instance-ids i-08cf893bbcfd7dc46 (Use your own instance-id)
  • Show Relational Database Service (RDS) instances:
aws rds describe-db-instances
  • Query and display EC2 metadata: ec2metadata [4] (Distributed in cloud-guest-utils package at least in Debian)

AWS S3 commands

edit
  • List your buckets: aws s3api list-buckets
  • List your buckets in all regions:
for region_name in ap-south-1 eu-west-3 eu-west-2 eu-west-1 ap-northeast-2 ap-northeast-1 sa-east-1 ca-central-1 ap-southeast-1 ap-southeast-2 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2; do 
   aws s3api list-buckets --region $region_name
done
  • aws s3 ls
If you do not have permisssions you will get the following error:
An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
  • aws s3 ls your_bucket_name
  • aws --profile your_profile_name s3 ls your_bucket_name (You can also use a profile to define your credentials)
  • aws s3 cp[5]
  • Size of a Bucket: aws s3 ls --summarize --human-readable --recursive s3://bucket-name/ [6]

AWS IAM commands

edit
  • aws iam list-users
If you do not have permisssions you will get the following error:
An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::146910341356:user/
  • aws iam list-user-policies --user-name USERNAME

AWS Security commands

edit
  • Authorizing Inbond Traffic from anywhere to TCO port 80[7]
aws ec2 describe-instance-attribute --instance-id YOUR_INSTANCE_ID --attribute groupSet
aws ec2 authorize-security-group-ingress --group-id YOUR_GROUP_ID --protocol tcp --port 80 --cidr 0.0.0.0/0

AWS ECS commands

edit
  • aws ecs list-clusters

AWS Config service commands

edit
  • aws configservice get-status

See Also

edit

Reference

edit
  1. "Install or update the latest version of the AWS CLI - AWS Command Line Interface". docs.aws.amazon.com. Retrieved 2023-12-09.
  2. https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html
  3. https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html
  4. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
  5. https://docs.aws.amazon.com/cli/latest/reference/s3/cp.html
  6. https://serverfault.com/a/721197
  7. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html