AWS CLI and AWS CLI Commands for Everyday DevOps and Cloud Management
Introduction
AWS Command Line Interface (AWS CLI) is an open-source tool that allows users to interact with AWS services directly from their command-line shell. For DevOps professionals and cloud engineers, the AWS CLI simplifies the management and automation of AWS resources.
The AWS CLI is ideal for automation and scripting tasks: it enables the execution of repetitive tasks without manual intervention and integrates well with other command-line tools.
Table of Contents
Overview of AWS CLI
Best Practices for Using AWS CLI
Commonly Used AWS CLI Commands
General Commands
Amazon S3 (Simple Storage Service)
Amazon EC2 (Elastic Compute Cloud)
AWS IAM (Identity and Access Management)
AWS Lambda
AWS CloudFormation
AWS RDS (Relational Database Service)
AWS CloudWatch
AWS EKS (Elastic Kubernetes Service)
AWS ECR (Elastic Container Registry)
Conclusion
Installation and Configuration
Installation: The AWS CLI can be installed on Windows, macOS, and Linux. The installation process varies slightly depending on the operating system, but generally involves downloading the installation package from the AWS website or using a package manager.
Configuration: After installation, you need to configure the AWS CLI with your AWS credentials. This can be done using the aws configure command, which prompts you to enter your AWS Access Key ID, Secret Access Key, region, and output format (e.g., JSON).
aws configure
The AWS CLI uses a consistent syntax:
- aws <service> <operation> <subcommand> [parameters]
For example, to list all S3 buckets, you can use:
- aws s3 ls
Best Practices for Using AWS CLI
Security
Use IAM Roles: Where possible, use IAM roles instead of hardcoding credentials in scripts. This can be done by assuming a role using the AWS CLI or by attaching roles to AWS resources like EC2 instances.
Environment Variables: Store sensitive information such as access keys in environment variables rather than in scripts. This reduces the risk of accidental exposure.
AWS Config File: Use the AWS config files (~/.aws/credentials and ~/.aws/config) to securely store credentials and configurations. The credentials file holds keys in plain text, so restrict it to your own user.
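The practices above can be checked mechanically. The following added example (not code from the original article) scans a script directory for strings shaped like access key IDs and verifies that a credentials file is not accessible to group or other; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are illustrative.

# Print "path:line" for each line holding something shaped like an access key
# ID: AKIA prefixes long-term IAM user keys, ASIA temporary STS keys.
find_hardcoded_keys() {
    grep -rnE '(AKIA|ASIA)[A-Z0-9]{16}' "$1" 2>/dev/null | cut -d: -f1,2
}

# Succeed only if group and other have no permission bits on the file
# (for example mode 600). Returns 2 if the file does not exist.
creds_file_is_private() {
    [ -f "$1" ] || return 2
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Report findings; the return status is the number of problems found,
# so a CI job can fail on any non-zero result.
audit() {
    scripts_dir=$1
    creds_file=$2
    problems=0
    hits=$(find_hardcoded_keys "$scripts_dir")
    if [ -n "$hits" ]; then
        echo "hardcoded access key ID at:"
        echo "$hits"
        problems=$((problems + 1))
    fi
    if [ -f "$creds_file" ] && ! creds_file_is_private "$creds_file"; then
        echo "$creds_file is accessible to group/other; run: chmod 600 $creds_file"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample input: bad.sh embeds the example key from AWS
# documentation, good.sh relies on the environment or an attached role.
demo_dir=$(mktemp -d)
printf 'export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\naws s3 ls\n' > "$demo_dir/bad.sh"
printf 'aws sts get-caller-identity\naws s3 ls\n' > "$demo_dir/good.sh"
printf '[default]\n' > "$demo_dir/credentials"
chmod 644 "$demo_dir/credentials"
audit "$demo_dir" "$demo_dir/credentials" || echo "problems found: $?"
```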
Automation and Scripting
Modular Scripts: Write modular and reusable scripts. Use functions and variables to handle repetitive tasks and parameters.
Error Handling: Implement robust error handling in your scripts to manage failures gracefully.
Logging: Include logging in your scripts to record the execution of commands and track any issues that arise.
Efficiency
Batch Operations: Where possible, use batch operations to minimize the number of API calls. For example, use aws s3 sync to synchronize files between local storage and S3.
Filtering and Querying: Use filters and queries to limit the amount of data returned by commands. This can reduce execution time and improve script performance. The --query parameter allows you to format and filter the JSON output.
aws ec2 describe-instances --query "Reservations[*].Instances[*].[InstanceId,State.Name]"
Version Control
Keep CLI Updated: Regularly update the AWS CLI to the latest version to benefit from new features and security fixes.
Version Management: Use version control for your scripts to track changes and manage different versions of your automation workflows.
Documentation and Help
Inline Documentation: Document your scripts with comments to explain the purpose and functionality of each section.
AWS CLI Help: Use the built-in help feature to explore command options and understand their usage. The --help flag provides detailed information about commands and parameters.
aws s3 --help
Commonly Used AWS CLI Commands
General Commands
Configure AWS CLI
Before you can use the AWS CLI, you need to configure it with your AWS credentials.
aws configure
Get Caller Identity
This command is useful to verify the identity of the IAM user or role that is currently authenticated.
aws sts get-caller-identity
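As an added example (not part of the original article), the identity check above can gate a destructive command and be combined with the error-handling and logging advice from the best-practices section. The function names, the AWS_BIN and LOG_FILE variables, and the fake_aws stub are assumptions made for this illustration; the stub stands in for the real CLI so the script runs offline.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are illustrative.
AWS_BIN=${AWS_BIN:-aws}    # assumption: overridable so a stub can stand in offline
LOG_FILE=${LOG_FILE:-${TMPDIR:-/tmp}/aws-cli.log}

# Run a command, append a timestamped line with its exit status to LOG_FILE,
# and return that status to the caller (works under `set -e` too).
run_logged() {
    rc=0
    "$@" || rc=$?
    printf '%s exit=%s cmd=%s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$rc" "$*" >> "$LOG_FILE"
    return "$rc"
}

# Fail unless the active credentials belong to the expected account:
# 2 = identity lookup failed, 1 = wrong account.
require_account() {
    expected=$1
    actual=$(run_logged "$AWS_BIN" sts get-caller-identity --query Account --output text) || {
        echo "cannot determine caller identity" >&2; return 2; }
    [ "$actual" = "$expected" ] || {
        echo "refusing to continue: in account $actual, expected $expected" >&2; return 1; }
}

# Destructive call that only runs after the identity check passes.
terminate_instance() {
    require_account "$1" || return $?
    run_logged "$AWS_BIN" ec2 terminate-instances --instance-ids "$2"
}

# Constructed stand-in for the real CLI so the example runs offline;
# delete from here down to use the installed aws binary.
fake_aws() {
    case "$1 $2" in
        "sts get-caller-identity") echo 123456789012 ;;
        "ec2 terminate-instances") echo "terminating $4" ;;
        *) return 255 ;;
    esac
}
AWS_BIN=fake_aws
terminate_instance 123456789012 i-1234567890abcdef0                    # proceeds
terminate_instance 999999999999 i-1234567890abcdef0 || echo "blocked"  # wrong account
```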
Amazon S3 (Simple Storage Service)
List S3 Buckets
View all S3 buckets in your AWS account.
aws s3 ls
Create a Bucket
Create a new S3 bucket.
aws s3 mb s3://your-bucket-name
Delete a Bucket
Remove an existing S3 bucket.
aws s3 rb s3://your-bucket-name
Upload a File to a Bucket
Upload a file to a specific S3 bucket.
aws s3 cp your-file.txt s3://your-bucket-name/
Download a File from a Bucket
Download a file from an S3 bucket to your local system.
aws s3 cp s3://your-bucket-name/your-file.txt .
Synchronize a Local Directory with a Bucket
Sync a local directory with an S3 bucket to ensure both have the same content.
aws s3 sync your-local-directory/ s3://your-bucket-name/
Amazon EC2 (Elastic Compute Cloud)
List EC2 Instances
List all EC2 instances in your AWS account.
aws ec2 describe-instances
Start an EC2 Instance
Start a specific EC2 instance.
aws ec2 start-instances --instance-ids i-1234567890abcdef0
Stop an EC2 Instance
Stop a specific EC2 instance.
aws ec2 stop-instances --instance-ids i-1234567890abcdef0
Terminate an EC2 Instance
Terminate a specific EC2 instance.
aws ec2 terminate-instances --instance-ids i-1234567890abcdef0
Create an EC2 Key Pair
Create a new EC2 key pair.
aws ec2 create-key-pair --key-name MyKeyPair
AWS IAM (Identity and Access Management)
List IAM Users
View all IAM users in your AWS account.
aws iam list-users
Create an IAM User
Create a new IAM user.
aws iam create-user --user-name new-user
Delete an IAM User
Remove an existing IAM user.
aws iam delete-user --user-name new-user
Attach a Policy to an IAM User
Attach a policy to a specific IAM user to grant permissions.
aws iam attach-user-policy --user-name new-user --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
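AmazonS3FullAccess grants every S3 action on every bucket in the account. As an added example (not from the original article), the script below builds a customer-managed policy limited to one bucket and attaches that instead; the function names and the "<bucket>-rw" policy name are assumptions made for this illustration, and only the policy generator runs when the script is executed.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are illustrative.

# Emit an IAM policy limited to one bucket: list the bucket, read and write
# its objects. Names with characters outside a-z, 0-9, "." and "-" are
# rejected so the value cannot break out of the JSON string.
bucket_policy_json() {
    bucket=$1
    case $bucket in
        ''|*[!a-z0-9.-]*) echo "invalid bucket name: $bucket" >&2; return 1 ;;
    esac
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Effect": "Allow", "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::$bucket" },
    { "Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
      "Resource": "arn:aws:s3:::$bucket/*" }
  ]
}
EOF
}

# Create the policy and attach it to the user in place of AmazonS3FullAccess.
# The policy name "<bucket>-rw" is a naming choice made for this example.
attach_bucket_policy() {
    user=$1; bucket=$2
    doc=$(mktemp) || return 1
    bucket_policy_json "$bucket" > "$doc" || { rm -f "$doc"; return 1; }
    arn=$(aws iam create-policy --policy-name "$bucket-rw" \
        --policy-document "file://$doc" --query Policy.Arn --output text) &&
        aws iam attach-user-policy --user-name "$user" --policy-arn "$arn"
    rc=$?
    rm -f "$doc"
    return "$rc"
}

bucket_policy_json your-bucket-name   # prints the document; no AWS call is made
```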
AWS Lambda
List Lambda Functions
List all Lambda functions in your AWS account.
aws lambda list-functions
Invoke a Lambda Function
Invoke a specific Lambda function.
aws lambda invoke --function-name MyFunction output.txt
Create a Lambda Function
Create a new Lambda function.
aws lambda create-function --function-name MyFunction --runtime python3.8 --role arn:aws:iam::123456789012:role/service-role/MyLambdaRole --handler lambda_function.lambda_handler --zip-file fileb://function.zip
AWS CloudFormation
List CloudFormation Stacks
List all CloudFormation stacks in your AWS account.
aws cloudformation list-stacks
Create a CloudFormation Stack
Create a new CloudFormation stack.
aws cloudformation create-stack --stack-name my-stack --template-body file://
For more information, follow the official documentation.