python based cli wrapper for the boto aws REST library
http://aws.amazon.com/cli/
http://docs.aws.amazon.com/cli/latest/index.html
https://github.com/aws/aws-cli
sudo pip install awscli
aws configure
AWS Access Key ID [****************WYWA]:
AWS Secret Access Key [****************+2RQ]:
Default region name [None]: us-east-1
Default output format [None]:
updates the file ~/.aws/config
complete -C aws_completer aws
enables the auto complete functionality for aws cli commands
Multiple AWS Account Profiles
http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
aws configure --profile qa
AWS Access Key ID [None]: AKIA****
AWS Secret Access Key [None]: abcd*******
Default region name [None]: us-east-1
Default output format [None]:
cat ~/.aws/config/config
cat ~/.aws/config/credentials
aws s3 ls
returns the list of buckets from the default configuration/credentials
aws s3 ls --profile qa
returns the list of buckets from the QA profile
aws s3 with debug and without ssl validation
aws --debug --no-verify-ssl --endpoint-url http://localhost:4288 s3 ls
aws --debug --no-verify-ssl --endpoint-url http://localhost:4288 s3 mb s3://mybucket
aws ec2 describe-instances # currently running instance details return in JSON format
aws ec2 describe-images --filters Name=name,Values="MyAMIName-2014.03.07*" # wildcard could return many results
aws ec2 run-instances --image-id ami-3d0f0054 --key-name MyKeyPair --instance-type c3.large --security-groups MySecurityGroupName
note the docs incorrectly indicate Security Group identified by sg-xxxxxx
helpful to redirect out to a file
| tee myinstance.json
aws ec2 create-tags --resources i-899261aa --tags Key=Name,Value=FrontEndServer
NOTE that Create tags has a different key-value system than Describe name-value
aws ec2 create-tags --resources i-899261aa --tags Key=MyCI,Value="Build2014.03.07.125330"
MUCH easier to retrieve a tag key than filter on Name =(
aws ec2 describe-instances --filters "Name=tag-key,Values=MyCI"
aws ec2 describe-instances --filters "Name=tag-value,Values=FrontEndServer"
aws ec2 describe-instances --filters "Name=tag :key,Values=FrontEndServer" # this does not work, confusing
Using JQ to parse json of ami images
sudo apt-get install jq
aws ec2 describe-images --filters Name=name,Values="2014.03.07" | jq .Images[0].ImageId
jq .Images[0] # get the first element from the list
jq .Images[0].ImageId # get the AMI Image ID from the first element from the list
jq -a -r # ascii output instead of UTF, raw output (not JSON string with quotes)
--dry-run
parameter to check if you have permissions for the action
Use IAM/Security Groups to give these AWS credentials some permissions, otherwise: A client error (UnauthorizedOperation) occurred when calling the DescribeInstances operation: You are not authorized to perform this operation