john pfeiffer

Amazon aws cli

python based cli wrapper for the boto aws REST library

http://aws.amazon.com/cli/

http://docs.aws.amazon.com/cli/latest/index.html

https://github.com/aws/aws-cli

sudo pip install awscli

aws configure
    AWS Access Key ID [****************WYWA]: 
    AWS Secret Access Key [****************+2RQ]: 
    Default region name [None]: us-east-1
    Default output format [None]:

updates the file ~/.aws/config

complete -C aws_completer aws

enables the auto complete functionality for aws cli commands

Multiple AWS Account Profiles

http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html

aws configure --profile qa
    AWS Access Key ID [None]: AKIA****
    AWS Secret Access Key [None]: abcd*******
    Default region name [None]: us-east-1
    Default output format [None]:

cat ~/.aws/config/config
cat ~/.aws/config/credentials

aws s3 ls

returns the list of buckets from the default configuration/credentials

aws s3 ls --profile qa

returns the list of buckets from the QA profile

aws s3 with debug and without ssl validation

aws --debug --no-verify-ssl --endpoint-url http://localhost:4288 s3 ls aws --debug --no-verify-ssl --endpoint-url http://localhost:4288 s3 mb s3://mybucket

aws ec2 describe-instances # currently running instance details return in JSON format

aws ec2 describe-images --filters Name=name,Values="MyAMIName-2014.03.07*" # wildcard could return many results

aws ec2 run-instances --image-id ami-3d0f0054 --key-name MyKeyPair --instance-type c3.large --security-groups MySecurityGroupName

note the docs incorrectly indicate Security Group identified by sg-xxxxxx

helpful to redirect out to a file | tee myinstance.json

aws ec2 create-tags --resources i-899261aa --tags Key=Name,Value=FrontEndServer

NOTE that Create tags has a different key-value system than Describe name-value

aws ec2 create-tags --resources i-899261aa --tags Key=MyCI,Value="Build2014.03.07.125330"

MUCH easier to retrieve a tag key than filter on Name =(

aws ec2 describe-instances --filters "Name=tag-key,Values=MyCI"
aws ec2 describe-instances --filters "Name=tag-value,Values=FrontEndServer"

aws ec2 describe-instances --filters "Name=tag :key,Values=FrontEndServer"  # this does not work, confusing

Using JQ to parse json of ami images

sudo apt-get install jq
aws ec2 describe-images --filters Name=name,Values="2014.03.07" | jq .Images[0].ImageId
jq .Images[0]       # get the first element from the list
jq .Images[0].ImageId   # get the AMI Image ID from the first element from the list
jq -a -r  # ascii output instead of UTF, raw output (not JSON string with quotes)

--dry-run

parameter to check if you have permissions for the action

Use IAM/Security Groups to give these AWS credentials some permissions, otherwise: A client error (UnauthorizedOperation) occurred when calling the DescribeInstances operation: You are not authorized to perform this operation

Published

Category

virtualization

~344 words

Tags