AWS CLI Cheat Sheet
The AWS CLI is a handy and extremely powerful tool for managing resources on AWS from a local shell. In this post we will walk through the process of setting up the AWS CLI on a Linux machine (I use the Linux Subsystem on Windows, which gives me an Ubuntu bash). Then we begin using the AWS CLI to perform administrative tasks on the environment.
What you need
- AWS Account
- AWS IAM User with the correct permissions to administer EC2
- The Access keys of said AWS IAM User with the correct permissions
- Linux
- AWS CLI
Let's get started…
Setting Up The AWS CLI
Set Up an IAM User with Permission to Administer EC2
I am always in the habit of thinking about what group a user should be in before I create the user account. In this case my new user is going to be a System Administrator with some elevated permissions. First we create a group called EC2SysAdmins and give it full access permission to EC2. Then we pull the user into that group.
- Log into the AWS Console
- Services > IAM > Groups
- Create New Group
- Group Name : EC2SysAdmins > Next Step
- Filter : AmazonEC2FullAccess > Check – AmazonEC2FullAccess > Next Step
- Review > Create Group
- You are returned to the Groups Screen
- Create a User
- Users > Add User
- User Name : EC2Admin
- Access Type : Check – Programmatic Access > Next: Permissions
- Add user to group
- Check – EC2SysAdmins > Next: Review
- Review > Create user
- You then see a Success screen listing the Access key ID and the Secret Access Key. You will need these to configure the AWS CLI later on. To make sure you have these credentials later (just in case you cannot memorize long alphanumeric strings), download them.
- Click download CSV > Optionally, go to where the file was downloaded and rename the file from credentials.csv to EC2Admin_AccessKey.csv or something a bit more fitting, as you will refer to it shortly.
Install the AWS CLI Tools on Linux
In your bash shell (get bash set up on Windows 10)
sudo apt-get install awscli
Configure the AWS CLI Tools on Linux
In your bash shell
aws configure
Here you need to specify:
- Your Access Key ID (refer to the CSV file you downloaded)
- Your Secret Access Key (refer to the CSV file you downloaded)
- Your preferred default region code (for example, us-east-1). Choose a region that is closest to you for now.
- Default output format. Choose json
There may be cases where you need to reconfigure the CLI tools, such as using different account credentials. You can always reconfigure any of these items later by re-running the aws configure command.
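aws configure stores the access key pair in plain text in ~/.aws/credentials, and the CSV you downloaded holds the same secret. The script below is an added example, not part of the original post: it finds files under a directory that contain an IAM user access key ID and are accessible to group or other, then restricts them to owner-only. It assumes GNU find, grep and stat as shipped with Ubuntu; the function names and the sample files are constructed for illustration.

```bash
# Added example (not from the original post). Assumes GNU find/grep/stat (Ubuntu).
# Function names are hypothetical.

# Print "<mode> <path>" for each file under DIR that holds an IAM user access
# key ID (AKIA + 16 characters) and grants any permission to group or other.
find_exposed_key_files() {
    find "$1" -type f -exec grep -IlE 'AKIA[A-Z0-9]{16}' {} + 2>/dev/null |
    while IFS= read -r file; do
        mode=$(stat -c '%a' "$file") || continue
        # Octal mode masked with 077 keeps only the group/other bits.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$file"
        fi
    done
}

# Restrict every flagged file to owner read/write only.
lock_down_key_files() {
    find_exposed_key_files "$1" | while IFS= read -r line; do
        chmod 600 "${line#* }"    # strip the leading "<mode> " field
    done
}

# Constructed sample: a key CSV saved with a typical 0644 mode next to an
# unrelated file. The key ID is the placeholder used in AWS documentation.
make_sample_dir() {
    dir=$(mktemp -d)
    printf 'Access key ID,Secret access key\nAKIAIOSFODNN7EXAMPLE,placeholder\n' \
        > "$dir/EC2Admin_AccessKey.csv"
    printf 'nothing sensitive here\n' > "$dir/notes.txt"
    chmod 644 "$dir/EC2Admin_AccessKey.csv" "$dir/notes.txt"
    printf '%s\n' "$dir"
}

sample=$(make_sample_dir)
find_exposed_key_files "$sample"      # lists the CSV with mode 644
lock_down_key_files "$sample"
find_exposed_key_files "$sample"      # prints nothing after the fix
rm -rf "$sample"
```

Point find_exposed_key_files at ~/.aws and at the folder holding the downloaded CSV.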
AWS CLI Command Cheat Sheet – 101
Here is a list of commands that I’ve found helpful. I’ve made an effort to describe their uses. I hope they are helpful to you too.
List Regions and Availability Zones
Let’s first see what regions are available
aws ec2 describe-regions --output table
You’ll get something like this.
----------------------------------------------------------
|                    DescribeRegions                     |
+--------------------------------------------------------+
||                       Regions                        ||
|+-----------------------------------+------------------+|
||             Endpoint              |    RegionName    ||
|+-----------------------------------+------------------+|
||  ec2.ap-south-1.amazonaws.com     |  ap-south-1      ||
||  ec2.eu-west-3.amazonaws.com      |  eu-west-3       ||
||  ec2.eu-west-2.amazonaws.com      |  eu-west-2       ||
||  ec2.eu-west-1.amazonaws.com      |  eu-west-1       ||
||  ec2.ap-northeast-2.amazonaws.com |  ap-northeast-2  ||
||  ec2.ap-northeast-1.amazonaws.com |  ap-northeast-1  ||
||  ec2.sa-east-1.amazonaws.com      |  sa-east-1       ||
||  ec2.ca-central-1.amazonaws.com   |  ca-central-1    ||
||  ec2.ap-southeast-1.amazonaws.com |  ap-southeast-1  ||
||  ec2.ap-southeast-2.amazonaws.com |  ap-southeast-2  ||
||  ec2.eu-central-1.amazonaws.com   |  eu-central-1    ||
||  ec2.us-east-1.amazonaws.com      |  us-east-1       ||
||  ec2.us-east-2.amazonaws.com      |  us-east-2       ||
||  ec2.us-west-1.amazonaws.com      |  us-west-1       ||
||  ec2.us-west-2.amazonaws.com      |  us-west-2       ||
|+-----------------------------------+------------------+|
With a list of regions in front of us, let’s take a look at which availability zones are present in a particular region. In this case let’s check us-east-1.
aws ec2 describe-availability-zones --region us-east-1 --output text |grep -w AVAILABILITYZONES
We get a text list of availability zones. TAKE NOTE: Since we already configured the region in the AWS CLI, we could just omit the --region us-east-1 parameter in the command above, which would return the same list of availability zones. Include the region parameter if you have not configured a preferred default region in the AWS CLI.
AVAILABILITYZONES us-east-1 available us-east-1a
AVAILABILITYZONES us-east-1 available us-east-1b
AVAILABILITYZONES us-east-1 available us-east-1c
AVAILABILITYZONES us-east-1 available us-east-1d
AVAILABILITYZONES us-east-1 available us-east-1e
AVAILABILITYZONES us-east-1 available us-east-1f
Get the Name, Instance ID, IP Addresses of EC2 Instances
Sometimes you just want a human readable list of instances that you can then take action on, like quickly stopping or starting an instance based on the InstanceID.
aws ec2 describe-instances --query 'Reservations[].Instances[].[Tags[?Key==`Name`] | [0].Value, InstanceId, State.Name, PrivateIpAddress, PublicIpAddress ]' --output table
This command is handy for a tabular list of information that you can then take action on, like quickly stopping or starting an instance based on the InstanceID.
Stop and Start Instances
Starting an instance
aws ec2 start-instances --instance-ids i-XXXXXXXX --output text | grep -w CURRENTSTATE
Stopping an instance
aws ec2 stop-instances --instance-ids i-XXXXXXXX --output text | grep -w CURRENTSTATE
Launch an Instance in an Availability Zone
Spot Price History
aws ec2 describe-spot-price-history --start-time $(date -u +"%Y%m%dT%H0000") --product "Linux/UNIX" --instance-type "m3.medium" --region us-east-1 --output table