AWS CLI and AWS CLI Commands for Everyday DevOps and Cloud Management

Introduction

AWS Command Line Interface (AWS CLI) is an open-source tool that allows users to interact with AWS services directly from their command-line shell. For DevOps professionals and cloud engineers, the AWS CLI simplifies the management and automation of AWS resources.

The AWS CLI is ideal for automation and scripting tasks: it lets repetitive tasks run without manual intervention, and it integrates well with other command-line tools.

Table of Contents

  1. Overview of AWS CLI

  2. Best Practices for Using AWS CLI

  3. Commonly Used AWS CLI Commands

    • General Commands

    • Amazon S3 (Simple Storage Service)

    • Amazon EC2 (Elastic Compute Cloud)

    • AWS IAM (Identity and Access Management)

    • AWS Lambda

    • AWS CloudFormation

    • AWS RDS (Relational Database Service)

    • AWS CloudWatch

    • AWS EKS (Elastic Kubernetes Service)

    • AWS ECR (Elastic Container Registry)

  4. Conclusion

Installation and Configuration

  • Installation: The AWS CLI can be installed on Windows, macOS, and Linux. The installation process varies slightly depending on the operating system, but generally involves downloading the installation package from the AWS website or using a package manager.

  • Configuration: After installation, you need to configure the AWS CLI with your AWS credentials. This can be done using the aws configure command, which prompts you to enter your AWS Access Key ID, Secret Access Key, region, and output format (e.g., JSON).

      aws configure
    
  • The AWS CLI uses a consistent syntax:

      aws <service> <operation> <subcommand> [parameters]

  • For example, to list all S3 buckets, you can use:

      aws s3 ls

Best Practices for Using AWS CLI

Security

  • Use IAM Roles: Where possible, use IAM roles instead of hardcoding credentials in scripts. This can be done by assuming a role using the AWS CLI or by attaching roles to AWS resources like EC2 instances.

  • Environment Variables: Store sensitive information such as access keys in environment variables rather than in scripts. This reduces the risk of accidental exposure.

  • AWS Config Files: Use the AWS shared files (~/.aws/credentials and ~/.aws/config) to securely store credentials and configurations outside your scripts, and keep both files readable only by your own user.
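The practices above can be checked mechanically. The following is an added example, not code from the original article: it scans a directory of scripts for embedded access key IDs and verifies that a credentials file is not readable by group or others. The function names and sample files are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit helpers for the Security practices listed above.
# Access key IDs are 20 characters and start with AKIA (long-term keys)
# or ASIA (temporary STS keys).
KEY_ID_RE='(AKIA|ASIA)[A-Z0-9]{16}'

# Print "file:line" for each line embedding an access key ID.
# The matched text is cut off so the report itself never contains the key.
find_hardcoded_keys() {
  grep -rInE "$KEY_ID_RE" "$1" 2>/dev/null | cut -d: -f1,2
}

# Return 0 if the file is absent or grants nothing to group/others (e.g. 600).
creds_file_is_private() {
  local f="${1:-$HOME/.aws/credentials}" mode
  [ -e "$f" ] || return 0
  # GNU stat first, BSD/macOS stat as fallback.
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
  case "$mode" in
    0|*00) return 0 ;;
    *)     return 1 ;;
  esac
}

demo() {
  local tmp
  tmp=$(mktemp -d)
  # Constructed sample files; the key ID is the placeholder used in AWS docs.
  printf 'export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\naws s3 ls\n' > "$tmp/bad.sh"
  printf 'aws s3 ls --profile deploy\n' > "$tmp/good.sh"
  printf '[default]\n' > "$tmp/credentials"
  chmod 644 "$tmp/credentials"
  echo "Hardcoded key IDs found at:"
  find_hardcoded_keys "$tmp"
  creds_file_is_private "$tmp/credentials" ||
    echo "credentials file is readable by group/others; run: chmod 600"
  rm -rf "$tmp"
}
demo
```

Running find_hardcoded_keys over a repository in CI or a pre-commit hook catches a key before it reaches version control.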

Automation and Scripting

  • Modular Scripts: Write modular and reusable scripts. Use functions and variables to handle repetitive tasks and parameters.

  • Error Handling: Implement robust error handling in your scripts to manage failures gracefully.

  • Logging: Include logging in your scripts to record the execution of commands and track any issues that arise.
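One way to combine these three points, as an added example that is not part of the original article: a reusable preflight check that refuses to continue unless aws sts get-caller-identity reports the expected account, plus a wrapper that logs and retries any command. AWS_BIN, LOG_FILE, MAX_ATTEMPTS, RETRY_DELAY and the function names are assumptions of this sketch, and the account ID in the usage comment is a placeholder.

```shell
#!/usr/bin/env bash
# Added example: modular error handling and logging for AWS CLI scripts.
AWS_BIN="${AWS_BIN:-aws}"                      # overridable for testing
LOG_FILE="${LOG_FILE:-./aws-automation.log}"
MAX_ATTEMPTS="${MAX_ATTEMPTS:-3}"
RETRY_DELAY="${RETRY_DELAY:-2}"

log() { printf '%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$*" >> "$LOG_FILE"; }

# Fail unless the active credentials belong to the expected 12-digit account.
# Returns 2 when no identity can be resolved, 3 on an account mismatch.
require_account() {
  local expected="$1" actual
  actual=$("$AWS_BIN" sts get-caller-identity --query Account --output text 2>> "$LOG_FILE") || {
    log "ERROR no usable credentials"; return 2; }
  if [ "$actual" != "$expected" ]; then
    log "ERROR account mismatch expected=$expected actual=$actual"; return 3
  fi
  log "INFO identity verified account=$actual"
}

# Run a command, logging every attempt and exit code; retry with linear backoff.
# Arguments are written to the log, so never pass secrets on the command line.
run_logged() {
  local attempt=1 rc=0
  while [ "$attempt" -le "$MAX_ATTEMPTS" ]; do
    log "INFO attempt=$attempt cmd=$*"
    if "$@" 2>> "$LOG_FILE"; then return 0; else rc=$?; fi
    log "WARN rc=$rc attempt=$attempt"
    if [ "$attempt" -lt "$MAX_ATTEMPTS" ]; then sleep $((RETRY_DELAY * attempt)); fi
    attempt=$((attempt + 1))
  done
  log "ERROR giving up cmd=$1 rc=$rc"
  return "$rc"
}

# Typical use in a deployment script (account ID is a placeholder):
#   require_account 123456789012 || exit 1
#   run_logged "$AWS_BIN" s3 sync your-local-directory/ s3://your-bucket-name/ || exit 1
```

Placing require_account ahead of destructive commands such as terminate-instances or s3 rb stops a script that was started with the wrong profile.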

Efficiency

  • Batch Operations: Where possible, use batch operations to minimize the number of API calls. For example, use aws s3 sync to synchronize files between local storage and S3.

  • Filtering and Querying: Use filters and queries to limit the amount of data returned by commands. This can reduce execution time and improve script performance. The --query parameter allows you to format and filter the JSON output.

      aws ec2 describe-instances --query "Reservations[*].Instances[*].[InstanceId,State.Name]"
    

Version Control

  • Keep CLI Updated: Regularly update the AWS CLI to the latest version to benefit from new features and security fixes.

  • Version Management: Use version control for your scripts to track changes and manage different versions of your automation workflows.

Documentation and Help

  • Inline Documentation: Document your scripts with comments to explain the purpose and functionality of each section.

  • AWS CLI Help: Use the built-in help feature to explore command options and understand their usage. The --help flag provides detailed information about commands and parameters.

aws s3 --help

Commonly Used AWS CLI Commands

General Commands

Configure AWS CLI
Before you can use the AWS CLI, you need to configure it with your AWS credentials.

aws configure

Get Caller Identity
This command is useful to verify the identity of the IAM user or role that is currently authenticated.

aws sts get-caller-identity

Amazon S3 (Simple Storage Service)

List S3 Buckets
View all S3 buckets in your AWS account.

aws s3 ls

Create a Bucket
Create a new S3 bucket.

aws s3 mb s3://your-bucket-name

Delete a Bucket
Remove an existing S3 bucket.

aws s3 rb s3://your-bucket-name

Upload a File to a Bucket
Upload a file to a specific S3 bucket.

aws s3 cp your-file.txt s3://your-bucket-name/

Download a File from a Bucket
Download a file from an S3 bucket to your local system.

aws s3 cp s3://your-bucket-name/your-file.txt .

Synchronize a Local Directory with a Bucket
Sync a local directory with an S3 bucket to ensure both have the same content.

aws s3 sync your-local-directory/ s3://your-bucket-name/

Amazon EC2 (Elastic Compute Cloud)

List EC2 Instances
List all EC2 instances in your AWS account.

aws ec2 describe-instances

Start an EC2 Instance
Start a specific EC2 instance.

aws ec2 start-instances --instance-ids i-1234567890abcdef0

Stop an EC2 Instance
Stop a specific EC2 instance.

aws ec2 stop-instances --instance-ids i-1234567890abcdef0

Terminate an EC2 Instance
Terminate a specific EC2 instance.

aws ec2 terminate-instances --instance-ids i-1234567890abcdef0

Create an EC2 Key Pair
Create a new EC2 key pair.

aws ec2 create-key-pair --key-name MyKeyPair

AWS IAM (Identity and Access Management)

List IAM Users
View all IAM users in your AWS account.

aws iam list-users

Create an IAM User
Create a new IAM user.

aws iam create-user --user-name new-user

Delete an IAM User
Remove an existing IAM user.

aws iam delete-user --user-name new-user

Attach a Policy to an IAM User
Attach a policy to a specific IAM user to grant permissions.

aws iam attach-user-policy --user-name new-user --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess

AWS Lambda

List Lambda Functions
List all Lambda functions in your AWS account.

aws lambda list-functions

Invoke a Lambda Function
Invoke a specific Lambda function.

aws lambda invoke --function-name MyFunction output.txt

Create a Lambda Function
Create a new Lambda function.

aws lambda create-function --function-name MyFunction --runtime python3.8 --role arn:aws:iam::123456789012:role/service-role/MyLambdaRole --handler lambda_function.lambda_handler --zip-file fileb://function.zip

AWS CloudFormation

List CloudFormation Stacks
List all CloudFormation stacks in your AWS account.

aws cloudformation list-stacks

Create a CloudFormation Stack
Create a new CloudFormation stack.

aws cloudformation create-stack --stack-name my-stack --template-body file://

For more information, see the official AWS CLI documentation.