Introduction :
AWS CLI (Amazon Web Services Command Line Interface) is a unified tool that enables users to manage and interact with AWS services directly from a terminal or command prompt. It provides a set of commands that allow you to perform various AWS tasks without using the AWS Management Console.
AWS CLI is a faster, scriptable, and more scalable way to interact with AWS services compared to the graphical user interface (GUI). It is particularly useful for automation, DevOps workflows, and managing AWS services in environments without GUIs (e.g., servers or CI/CD pipelines).
Importance of AWS CLI :
Imagine you work at a company that frequently creates temporary AWS EC2 instances for testing applications. Manually creating these instances through the AWS Management Console is time-consuming and prone to errors.
Without AWS CLI:
Each time a developer requests an instance, you log in to the AWS console, select the region, pick an AMI, choose the instance type, configure security groups, add a key pair, and launch the instance. This process could take 10-15 minutes, and doing it repeatedly can delay workflows.
With AWS CLI:
You write a script using AWS CLI to automate this process.
The script reduces instance creation time to a few seconds.
Developers can use this script themselves, minimizing your manual intervention.
You ensure consistency in configurations (e.g., instance types, AMIs, security groups).
This approach scales well for large teams or multiple environments.
By mastering AWS CLI, we can not only save time but also enhance efficiency and reliability in managing AWS resources, making it an indispensable tool for DevOps engineers.
Setting up AWS CLI :
Step 1: Download and Install AWS CLI
Visit the official AWS CLI website and download the installer for your operating system:
Windows: Download and run the .msi installer.
Mac/Linux: Use a package manager, e.g.
brew install awscli
(Mac)
After installation, verify it’s installed by running:
aws --version
Step 2: Configure AWS CLI
Run the aws configure command to set up your AWS CLI (P.S.: you need to have one IAM user created):
aws configure
Step 3: Enter AWS Access Keys
Access Key ID: Provide the AWS Access Key ID from your IAM user credentials. You can retrieve these from your AWS Management Console under "Security Credentials."
Secret Access Key: Enter the corresponding Secret Access Key for your IAM user.
These keys authenticate your CLI commands with AWS services.
Step 4: Set Default Region and Output Format
Default Region: Specify the AWS region you want as the default (e.g., ap-south-1 for Mumbai). This ensures all commands use this region unless otherwise specified.
Output Format: Choose the output format for CLI responses:
json (default)
text (simpler, tab-delimited)
table (easy to read in a terminal)
AWS Access Key ID [None]: AKIAXXXXXXXXXXXXXXXX
AWS Secret Access Key [None]: wJalrXUtnXXXXXXXXXXXXXXX
Default region name [None]: ap-south-1
Default output format [None]: json
IAM (Identity & Access Management) :
List Users:
View all IAM users in your AWS account.
aws iam list-users
Create a User:
Create a new IAM user.
aws iam create-user --user-name USERNAME
aws iam create-user --user-name XOXO
(Note: We have created a new user XOXO. Before we can configure it, we need its access keys.)
Create Access Keys:
Generates an access key ID and secret access key for the user.
aws iam create-access-key --user-name USERNAME
aws iam create-access-key --user-name XOXO
Now copy the access key ID and secret access key from the output and store them somewhere safe.
Configure the XOXO user we have created:
Used to configure a named profile.
aws configure --profile XOXO
Enter all the credentials.
Retrieve details about the identity:
aws sts get-caller-identity
This command retrieves details about the identity (user, role, or service) associated with the AWS credentials you are using.
Attach policy to user:
Assigns a specific policy (e.g., AdministratorAccess) to a user.
aws iam attach-user-policy --user-name USERNAME --policy-arn POLICY_ARN
aws iam attach-user-policy --user-name XOXO --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
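AdministratorAccess allows every action on every resource, so a user that only runs the S3 object commands shown later on this page needs far less. The following is an added example (not the author's code) that builds an inline policy limited to one bucket; the function names and the policy name are assumptions.

```shell
# Added example: s3_bucket_policy and grant_bucket_access are hypothetical helpers.
# Prints an IAM policy document that allows object access to a single bucket.
s3_bucket_policy() (
    bucket=$1
    # Refuse names with characters outside a-z, 0-9, dot and hyphen,
    # so nothing unexpected is embedded in the JSON below.
    case "$bucket" in
        ''|*[!a-z0-9.-]*) echo "invalid bucket name: $bucket" >&2; exit 2 ;;
    esac
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ListBucket",
      "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::$bucket"
    },
    {
      "Sid": "ObjectReadWriteDelete",
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
      "Resource": "arn:aws:s3:::$bucket/*"
    }
  ]
}
EOF
)

# Attaches the document above to a user as an inline policy.
grant_bucket_access() (
    user=$1 bucket=$2
    doc=$(s3_bucket_policy "$bucket") || exit 2
    aws iam put-user-policy --user-name "$user" \
        --policy-name "s3-$bucket-rw" --policy-document "$doc"
)
```

Call it as grant_bucket_access XOXO xoxo-bucket-123. The policy covers ls on that bucket plus cp, mv, rm and sync; listing all buckets, mb and rb need additional actions.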
Detach policy from user:
aws iam detach-user-policy --user-name USERNAME --policy-arn POLICY_ARN
aws iam detach-user-policy --user-name XOXO --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
Delete a user:
Deletes an IAM user. Ensure the user has no attached policies, groups, or access keys before deletion.
aws iam delete-user --user-name USERNAME
aws iam delete-user --user-name XOXO
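The cleanup that delete-user requires, as an added example that is not part of the original post; the function name delete_iam_user is an assumption. It also removes inline policies, which block deletion in the same way as attached ones.

```shell
# Added example: delete_iam_user is a hypothetical helper name.
# Removes everything that blocks `aws iam delete-user`, then deletes the user.
delete_iam_user() (
    user=$1
    [ -n "$user" ] || { echo "usage: delete_iam_user USERNAME" >&2; exit 2; }

    # 1. Access keys
    keys=$(aws iam list-access-keys --user-name "$user" \
        --query 'AccessKeyMetadata[].AccessKeyId' --output text) || exit 1
    for key in $keys; do
        aws iam delete-access-key --user-name "$user" --access-key-id "$key" || exit 1
    done

    # 2. Attached managed policies (e.g. AdministratorAccess)
    arns=$(aws iam list-attached-user-policies --user-name "$user" \
        --query 'AttachedPolicies[].PolicyArn' --output text) || exit 1
    for arn in $arns; do
        aws iam detach-user-policy --user-name "$user" --policy-arn "$arn" || exit 1
    done

    # 3. Inline policies
    names=$(aws iam list-user-policies --user-name "$user" \
        --query 'PolicyNames[]' --output text) || exit 1
    for name in $names; do
        aws iam delete-user-policy --user-name "$user" --policy-name "$name" || exit 1
    done

    # 4. Group memberships
    groups=$(aws iam list-groups-for-user --user-name "$user" \
        --query 'Groups[].GroupName' --output text) || exit 1
    for group in $groups; do
        aws iam remove-user-from-group --user-name "$user" --group-name "$group" || exit 1
    done

    # 5. The user itself; the exit status of this call is the function's result
    aws iam delete-user --user-name "$user"
)
```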
S3 (Simple Storage Service) :
List Buckets:
View all S3 buckets in your account.
aws s3 ls
Create New Bucket:
aws s3 mb s3://bucket-name --region ap-south-1
aws s3 mb s3://xoxo-bucket-123 --region ap-south-1
(mb - make bucket)
Delete a Bucket:
Permanently deletes a bucket. The bucket must not contain any files.
aws s3 rb s3://bucket-name
aws s3 rb s3://xoxo-bucket-123
# To delete a bucket that still has files in it:
aws s3 rb s3://xoxo-bucket-123 --force
List contents of the Bucket:
aws s3 ls s3://bucket-name
aws s3 ls s3://xoxo-bucket-123
# Use the --recursive flag to list all files in all directories
aws s3 ls s3://xoxo-bucket-123 --recursive
Copy/Upload files from local machine to Bucket:
# From local machine to Bucket
aws s3 cp file-path s3://bucket-name
aws s3 cp ~/Desktop/EC2image.png s3://xoxo-bucket-123
Copy/Upload files from Bucket to local machine:
# From Bucket to local machine
aws s3 cp s3://bucket-name/file-name ~/location-on-machine
aws s3 cp s3://xoxo-bucket-123/IAMimage.png ~/Desktop
Copy/Upload files from one S3 bucket to another:
aws s3 cp s3://bucket-name/file-name s3://second-bucket-name
aws s3 cp "s3://sahilaws-01/The Phoenix Project.pdf" s3://xoxo-bucket-123/
Delete objects from a Bucket:
aws s3 rm s3://bucket-name/file-name
aws s3 rm "s3://xoxo-bucket-123/The Phoenix Project.pdf"
Copy Folder:
aws s3 cp ~/folder-path/folder-name s3://bucket-name --recursive
aws s3 cp ~/Desktop/Images s3://xoxo-bucket-123/ --recursive
Move Files to Bucket:
It moves the file from the local machine to the bucket, deleting the file from the machine after uploading it to the bucket.
# From local machine to Bucket
aws s3 mv ~/Desktop/s3.jpeg s3://xoxo-bucket-123
# From Bucket to local machine
aws s3 mv s3://xoxo-bucket-123/s3.jpeg ~/Desktop
Sync Local Folder with S3 Bucket:
The S3 bucket will be updated when the following command is executed, provided there are any changes in the local folder.
aws s3 sync file-path/ s3://bucket-name
aws s3 sync ~/Desktop/Images/ s3://xoxo-bucket-123
EC2 (Elastic Compute Cloud) :
List EC2 Instances:
Retrieves details of all EC2 instances in your account.
aws ec2 describe-instances
This command is used to list all the EC2 instances in your account or provide details about a specific instance.
By default, it lists all the instances in your account, including their state (running, stopped, etc.), instance IDs, public/private IPs, and other metadata.
Use filters or queries to narrow down the information.
Example with query:
aws ec2 describe-instances --query "Reservations[*].Instances[*].[InstanceId,State.Name,PublicIpAddress]" --output table
Launch EC2 Instance:
To launch a new EC2 instance, you need:
An AMI ID (Amazon Machine Image ID, which specifies the OS).
An instance type (e.g., t2.micro for free-tier eligible).
A key pair and a security group.
aws ec2 run-instances \
--image-id ami-0abcdef123456 \
--count 1 \
--instance-type t2.micro \
--key-name MyKeyPair \
--security-group-ids sg-0123456789abc \
--subnet-id subnet-012345678
Explanation:
--image-id: The ID of the AMI you want to use.
--count: Number of instances to launch.
--instance-type: Specifies the size of the instance (e.g., t2.micro for general purpose).
--key-name: The key pair for SSH access.
--security-group-ids: The security group ID to control traffic.
--subnet-id: Subnet in which the instance will be launched.
Retrieve all this information:
# Image ID (AMI)
aws ec2 describe-images --owners amazon --filters "Name=name,Values=amzn2-ami-hvm-*" --query "Images[*].[ImageId,Name]" --output table
# Subnet ID
aws ec2 describe-subnets --query "Subnets[*].[SubnetId,AvailabilityZone]" --output table
# Security Group
aws ec2 describe-security-groups --query "SecurityGroups[*].[GroupId,GroupName]" --output table
# Get Key Pairs
aws ec2 describe-key-pairs --query "KeyPairs[*].[KeyName]" --output table
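The launch script that the introduction describes, as an added example (not the author's code): it wraps the run-instances command above with an instance-type allowlist, ID checks and ownership tags so that test instances stay consistent and traceable. The function name, ALLOWED_TYPES and the tag keys are assumptions.

```shell
# Added example: launch_test_instance and ALLOWED_TYPES are hypothetical names.
ALLOWED_TYPES="t2.micro t3.micro"   # assumption: the sizes your team permits

launch_test_instance() (
    [ $# -eq 6 ] || {
        echo "usage: launch_test_instance AMI TYPE KEY SG SUBNET OWNER" >&2; exit 2; }
    ami=$1 type=$2 key=$3 sg=$4 subnet=$5 owner=$6

    # Only instance types on the allowlist may be launched (exact match)
    ok=no
    for t in $ALLOWED_TYPES; do
        if [ "$t" = "$type" ]; then ok=yes; fi
    done
    [ "$ok" = yes ] || { echo "instance type not allowed: $type" >&2; exit 3; }

    # Reject IDs without the expected prefix (catches swapped arguments)
    case "$ami"    in ami-?*)    ;; *) echo "bad AMI ID: $ami" >&2; exit 3 ;; esac
    case "$sg"     in sg-?*)     ;; *) echo "bad security group ID: $sg" >&2; exit 3 ;; esac
    case "$subnet" in subnet-?*) ;; *) echo "bad subnet ID: $subnet" >&2; exit 3 ;; esac

    # The owner ends up inside the tag shorthand, so keep it to safe characters
    case "$owner" in
        ''|*[!A-Za-z0-9_-]*) echo "bad owner: $owner" >&2; exit 3 ;;
    esac

    # Same flags as the command above, plus tags; prints only the new instance ID
    aws ec2 run-instances \
        --image-id "$ami" --count 1 --instance-type "$type" \
        --key-name "$key" --security-group-ids "$sg" --subnet-id "$subnet" \
        --tag-specifications \
        "ResourceType=instance,Tags=[{Key=Owner,Value=$owner},{Key=Purpose,Value=test}]" \
        --query 'Instances[0].InstanceId' --output text
)
```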
Stop an EC2 Instance:
Stopping an instance halts it temporarily. You won’t be charged for instance usage while it’s stopped.
# Replace i-0abcdef1234567890 with your actual instance ID.
aws ec2 stop-instances --instance-ids i-0abcdef1234567890
Retrieve Instance ID:
aws ec2 describe-instances --query "Reservations[].Instances[].InstanceId" --output table
Start an EC2 Instance:
To restart a stopped instance, use:
aws ec2 start-instances --instance-ids i-0abcdef1234567890
Reboot an Instance:
Reboots a running instance. This command does a soft reboot of the instance. It does not stop/start the instance or change its public IP.
aws ec2 reboot-instances --instance-ids i-0abcdef1234567890
Terminate an EC2 Instance:
When you terminate an instance, it’s permanently deleted along with its associated resources (unless explicitly preserved).
aws ec2 terminate-instances --instance-ids i-0abcdef1234567890
Summary:
AWS CLI (Amazon Web Services Command Line Interface) allows users to manage AWS services directly from the terminal, enabling faster, scriptable, and automated workflows compared to the GUI. It is especially beneficial for automation, DevOps tasks, and managing environments without GUIs. Key advantages include reducing instance creation time, ensuring consistency, and improving efficiency. The article outlines setting up AWS CLI, managing IAM users, interacting with S3, and handling EC2 instances, providing command examples for each task to simplify AWS resource management and enhance productivity in cloud environments.
Thank you so much for reading 📖. That's not all—there are more blogs coming on important and fun topics. Feel free to subscribe to my newsletter to get updates as soon as a new blog is uploaded. You can also connect with me on LinkedIn and X.
LinkedIn:
https://www.linkedin.com/in/nsahil992
Twitter/X:
https://twitter.com/nsahil992