AWS CLI
AWS CLI 소개
The AWS CLI를 allows사용하면 you명령줄을 to사용하여 manage서비스를 services관리하고 using스크립트를 the통해 command서비스를 line제어할 and수 control있습니다. services많은 through scripts. Many users choose to conduct some level of automation using the사용자가 AWS CLI.CLI를 사용하여 일정 수준의 자동화를 수행합니다.
Connect to an EC2 instance인스턴스에 and연결하고 paste다음 the명령을 following붙여넣습니다. command.머신에 이미 AWS CLICLI가 is설치되어 already있지만 installed이렇게 on하면 your업데이트가 machine,시작됩니다. but설치 this방법에 will따라 initiate이를 an확인하는 update.몇 There가지 are방법이 a있습니다. few(아래는 ways몇가지 to check this, depending on how it was installed예시임)
dpkg --list | grep awscli
pip3 list | grep awscli
Check Existing기존 Amazon EC2 Instances인스턴스에서 확인
Use다음 the명령을 following commands to explore사용하여 AWS CLICLI를 탐색합니다(use창을 q종료하려면 toq를 exit windows)사용하세요):
- general AWS CLI help
- help related to Amazon EC2 commands
- the list of your existing instances with their key characteristics
- the list of your registered SSH key-pairs
aws help
aws ec2 help
aws ec2 describe-instances
aws ec2 describe-key-pairs
The above위의 describe-instances and및 describe-key-pairs commands will likely fail because we did not set our명령은 AWS account’s계정의 credentials:자격 the증명인 access액세스 keys키와 and리전을 the설정하지 region.않았기 This때문에 results실패할 in가능성이 a높습니다. permissionsEC2, errorS3 as등과 credentials are required to access같은 AWS resources리소스에 such액세스하려면 as자격 EC2,증명이 S3,필요하므로 and권한 so오류가 on발생합니다(자격 (without증명이 them없으면 AWS CLICLI는 does사용자가 not참조하는 know계정을 which알 account수 you are referring to)없음). You can enter those manually using the aws configure command.명령을 사용하여 수동으로 입력할 수 있습니다.
As we have not yet configured the instance with the아직 AWS account’s계정의 credentials,자격 the증명으로 인스턴스를 구성하지 않았으므로 ~/.aws/ folder폴더를 will사용할 not수 be없습니다. available. Now let us go ahead with이제 aws configure를 진행하겠습니다.
AWS 에서 제공하는 워크샵 스튜디오 환경에서 실습을 할 경우는 아래와 같이 사전에 준비된 Credential을 사용하면 됩니다. 만일 그렇지 않을 경우 Access Key 를 만드는 방법은 다음 링크를 참고하세요.
터미널 창에 바로 Copy & Paste 할 수 있습니다.
이제 다시 한번 aws ec2 describe-key-pairs 명령어를 입력해보세요.
AWS Configure - General Use
참고: 위에서 처럼
- Run the aws configure command
aws configure
- Enter your account’s aws access key id
aws_access_key_id=[Access Key ID]
- Enter your account’s aws secret access key
aws_secret_access_key=[Secret Access Key]
- Enter a default region name. For the purposes of this workshop, use ap-southeast-1 (the region for Singapore).
Default region name=ap-southeast-1
Hit enter to accept the defaults for output format
- Run the ec2 describe-instances command and check the output.
aws ec2 describe-instances
This gives a description of all the EC2 instances in the account for the specified region.
- In addition, take a look at the key-pairs we have for the selected region.
aws ec2 describe-key-pairs
Note: This is a very brief introduction to AWS CLI. With great power comes great responsibility, so familiarise yourself and practice before using it to automate instances. Your wallet will thank you.
Next, you will use the AWS CLI to interact with Amazon S3.
Verifying AWS Credentials
Before we interact with the Amazon S3 let us take a look at the importance of the AWS credentials.
AWS security credentials are used to verify
- Who you are
- Your permission to access the resources that you are requesting
AWS uses these security credentials to authenticate and authorize your requests.
We configured who you are in the earlier section. Let us inspect the credentials and config files in the ~/.aws/ folder now. (Not applicable for AWS configure with Event Engine code snippet)
cat ~/.aws/credentials
cat ~/.aws/config
IMPORTANT: If you are using Event Engine for this workshop, make sure to have the AWS ACCESS KEY ID, AWS SECRET ACCESS KEY, AWS DEFAULT REGION match the temporary account’s credentials from the Console page on Event Engine. The AWS SESSION TOKEN is unique for each Event Engine session (this session token is NOT APPLICABLE for an original AWS account).
We now successfully configured who you are. Next, we will configure your permission to access the resources that you are requesting (i.e. with a “named profile”) to interact with Amazon S3.