AWS CLI: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 127: Line 127:
=Credential Providers=
=Credential Providers=
{{Internal|Amazon_AWS_Security_Concepts#Credential_Providers|Credential Providers}}
{{Internal|Amazon_AWS_Security_Concepts#Credential_Providers|Credential Providers}}
=TODO=
<font color=darkgray>Define the relationship between the AWS CLI and [[Amazon EC2 CLI|EC2 CLI]]</font>
---------

Revision as of 23:34, 7 August 2020

External

Internal

Overview

AWS CLI is a package that provides commands for interacting with the AWS services. All functionality available on the web Amazon Management Console is made available from command line.

Installation

https://docs.aws.amazon.com/cli/latest/userguide/awscli-install-bundle.html
https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html

This sectipn documents installation of AWS CLI v2. 

curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /

Even it looks odd, "-target /" will install AWS CLI in /usr/local/aws-cli.

Verify the installation executing: 

aws --version
aws-cli/2.0.35 Python/3.7.4 Darwin/18.7.0 botocore/2.0.0dev39

Uninstall AWS CLI Version 1

sudo rm -rf /usr/local/aws
sudo rm /usr/local/bin/aws

Configuration

https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html#cli-multiple-profiles

Configuration Profile

A collection of settings related to a certain account (access key, secret key, the default region and the default output format) are called a profile. The initial configuration procedure creates a profile named "default", and this is what AWS CLI uses by default. Additional named profiles can be created and stored, and then referred from command line with --profile, or configured in the environment to be used instead "default". The configuration information associated with profiles is stores in a series of local files. More details in the Configuration Files section.

Individual AWS CLI commands can be executed within the context of a specific profile using the --profile option: 

aws s3 ls --profile blue

Configuration Profile Operations

List Available Profiles

aws configure list-profiles

List the Configuration for a Specific Profiles

Default profile: 

aws configure list

Specific named profile: 

aws configure list --profile blue

Permanently Select a Profile

A previously-configured profile can be selected by setting the "AWS_PROFILE" environment variable: 

export AWS_PROFILE=jenkins

Add a New Profile

aws configure --profile green
AWS Access Key ID [None]: AKIAXXXXXXXXXXXXXXXX
AWS Secret Access Key [None]: yxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Default region name [None]: us-west-2
Default output format [None]:

If --profile <profile-name> is omitted, the default profile will be configured.

Configuration Files

AWS CLI organizes configuration and credentials in two separate files placed in $USER/.aws. They are separated to isolate credentials for less sensitive options of region and output.

~/.aws/config

AWS CLI configuration file is maintained by default in ~/.aws/config: 

[default]
region = us-west-2
ca_bundle = /path/to/ca-bundle.pem
output=json

[profile testing]
region = us-west-1

[profile testing2]
region = eu-west-1

[preview]
cloudsearch = true

~/.aws/credentials

AWS CLI credentials are maintained by default in ~/.aws/credentials: 

[default]
aws_access_key_id=...
aws_secret_access_key=...

Test Installation

aws ec2 describe-regions

aws ec2 describe-hosts

Credential Providers

Credential Providers
Retrieved from "https://kb.novaordis.com/index.php?title=AWS_CLI&oldid=67951"