AWS : CLI - 1

AWS CLI

Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

CLI installation (Version 1)

Install Python 3

• Python 2.7 is no longer supported. Please install python3

  sudo yum install python3
  pip3 --version
  

Profile Setup

A named profile is a collection of settings and credentials that you can apply to a AWS CLI command. When you specify a profile to run a command, the settings and credentials are used to run that command.

• ~/.aws/credentials

  [default]
  aws_access_key_id=your_aws_access_key_id
  aws_secret_access_key=your_aws_secret_access_key
  

• ~/.aws/config

  [default]
  region=us-west-2
  output=json
  

• The AWS CLI supports using any of multiple named profiles that are stored in the config and credentials files.

• ~/.aws/credentials (Linux / Mac)

  [default]
  aws_access_key_id=your_aws_access_key_id
  aws_secret_access_key=your_aws_secret_access_key
  
  [user1]
  aws_access_key_id=your_aws_access_key_id
  aws_secret_access_key=your_aws_secret_access_key
  

• ~/.aws/config (Linux & Mac)

  [default]
  region=us-west-2
  output=json
  
  [profile user1]
  region=us-east-1
  output=text
  

Samples

EC2

• Get EC2 instances

  aws ec2 describe-instances \
  --filters "Name=instance-type,Values=t2.micro" \
  --query "Reservations[].Instances[].InstanceId"  \
  --profile user1
  

• Stop EC2 instance

  aws ec2 stop-instances --instance-ids i-1234567890abcdef0
  

• Find out all stopped micro EC2 instancs

  instances=($(aws ec2 describe-instances \
  --filters Name=instance-type,Values=t2.micro \
    Name=instance-state-name,Values=stopped \
  --query "Reservations[].Instances[].InstanceId"  \
  --profile ad1 --output text ))
  
  for i in $instances; do echo "$i" ; done;
  

• Find out all unused security group

  comm -23  \
  <(aws ec2 describe-security-groups \
  --profile user1 --query 'SecurityGroups[*].GroupId' \
  --output text \
  | tr '\t' '\n'| sort) \
  <(aws ec2 describe-instances \
  --profile user1   --output text \
  --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId' \
  | tr '\t' '\n'  | sort | uniq)
  

• Find security group by group name

  aws ec2  describe-security-groups  \
    --filters Name=group-name,Values=AD1_Web_Pub_SG  \
    --query="SecurityGroups[*].{ID:GroupId,Tags:Tags[*]}" \
    --profile user1 
  

• Search security group by tags

  aws ec2  describe-security-groups \
    --query="SecurityGroups[*].{GroupName:GroupName,ID:GroupId,Tags:Tags[*]}" \
    --profile user1 | grep "your_group_name"
  

• Search EC2 by specific tag value

  aws ec2 describe-instances \
    --filters "Name=tag-value,Values=AD1_DEV_Web_Pub_Host_A" \
    --profile user1 
  

S3

• List Buckets

  aws s3 ls --profile user1 
  

• List content within the bucket

  aws s3 ls --profile user1 s3://your_bucket_name --recursive
  

• Sync everything to curerent directory

  aws s3 sync --profile  user1 s3://your_bucket_name .
  

• Copy local file to S3 bucket

  aws s3  cp --profile user1 file_name s3://your_bucket_name/file_name