Skip to main content

AWS CLI

Introduction

to AWS CLI

The AWS CLI allows you to manage services using the command line and control services through scripts. Many users choose to conduct some level of automation using the AWS CLI.

Connect to an EC2 instance and paste the following command. AWS CLI is already installed on your machine, but this will initiate an update. There are a few ways to check this, depending on how it was installed

dpkg --list | grep awscli
pip3 list | grep awscli

Check Existing Amazon EC2 Instances

Use the following commands to explore AWS CLI (use q to exit windows):

  • general AWS CLI help
  • help related to Amazon EC2 commands
  • the list of your existing instances with their key characteristics
  • the list of your registered SSH key-pairs
aws help

aws ec2 help

aws ec2 describe-instances

aws ec2 describe-key-pairs

The above describe-instances and describe-key-pairs commands will likely fail because we did not set our AWS account’s credentials: the access keys and the region. This results in a permissions error as credentials are required to access AWS resources such as EC2, S3, and so on (without them AWS CLI does not know which account you are referring to). You can enter those manually using the aws configure command.

As we have not yet configured the instance with the AWS account’s credentials, the ~/.aws/ folder will not be available. Now let us go ahead with aws configure.

 

워크샵 스튜디오 환경에서 실습을 할 경우는 아래와 같이 사전에 준비된 Credential을 사용하면 됩니다. 만일 그렇지 않을 경우 Access Key 를 만드는 방법은 다음 링크를 참고하세요.

Screenshot 2023-09-27 at 10.52.34 AM.png

Screenshot 2023-09-27 at 10.52.25 AM copy.png

 

AWS Configure - General Use

  1. Run the aws configure command
aws configure
  1. Enter your account’s aws access key id
aws_access_key_id=[Access Key ID]
  1. Enter your account’s aws secret access key
aws_secret_access_key=[Secret Access Key]
  1. Enter a default region name. For the purposes of this workshop, use ap-southeast-1 (the region for Singapore).
Default region name=ap-southeast-1

Hit enter to accept the defaults for output format

  1. Run the ec2 describe-instances command and check the output.
aws ec2 describe-instances

This gives a description of all the EC2 instances in the account for the specified region.

  1. In addition, take a look at the key-pairs we have for the selected region.
aws ec2 describe-key-pairs

Note: This is a very brief introduction to AWS CLI. With great power comes great responsibility, so familiarise yourself and practice before using it to automate instances. Your wallet will thank you.

Next, you will use the AWS CLI to interact with Amazon S3.

 

Verifying AWS Credentials

Before we interact with the Amazon S3 let us take a look at the importance of the AWS credentials.

AWS security credentials are used to verify

  1. Who you are
  2. Your permission to access the resources that you are requesting
    AWS uses these security credentials to authenticate and authorize your requests.

We configured who you are in the earlier section. Let us inspect the credentials and config files in the ~/.aws/ folder now. (Not applicable for AWS configure with Event Engine code snippet)

cat ~/.aws/credentials

cat ~/.aws/config

IMPORTANT: If you are using Event Engine for this workshop, make sure to have the AWS ACCESS KEY ID, AWS SECRET ACCESS KEY, AWS DEFAULT REGION match the temporary account’s credentials from the Console page on Event Engine. The AWS SESSION TOKEN is unique for each Event Engine session (this session token is NOT APPLICABLE for an original AWS account).

We now successfully configured who you are. Next, we will configure your permission to access the resources that you are requesting (i.e. with a “named profile”) to interact with Amazon S3.

Back to top