Pages

Sunday, July 7, 2019

AWS CLI - Configuring the Command Line Interface for Aws

AWS CLI is an open source tool from Aws that enables Aws platform users to communicate and issues commands on various services of the Aws. This tool lets users to issue commands which in turn invoke the aws services via APIs exposed by those services. The authentication and authorization of the user issuing the commands are abstracted by configuring the Cli with the users credentials or keys. 


The Cli provides higher level of operations on the services as simple services to the users. By having this Cli, users can now create shell scripts or automate simple and complex tasks on the services.


Installation - Installing Cli is quite easy. Though there are few prerequisites like having a python boto library. We can install the Cli using python pip as “pip install awscli”.


Configuration - Once we have the tool available we can run the “aws” command as below,
jagadishm@[/Volumes/Work]: aws
usage: aws [options] [ ...] [parameters]
To see help text, you can run:

  aws help
  aws help
  aws help


Configure the access_key_id and secret_access_key from IAM -> Access keys -> Generate. This will create a keyId and an access key. 


Once a Key id and access key are generated, we will now configure the aws cli as,
jagadishm@[/Volumes/Work]: aws configure
AWS Access Key ID [None]: AKIAIHJJ6T4NSENA4M3A
AWS Secret Access Key [None]: **********
Default region name [None]: us-east-2a
Default output format [None]: 


Configuration files
Once we configure the aws cli, 2 files will be created in the ~/.aws directory.

~/.aws/config - This contains configuration of multiple named profiles including the default profile. The configuration of each profile consist the key/value parts for a region and its output properties.
jagadishm@[~/.aws]: cat config 
[default]
region = us-east-2a
output = json


~/.aws/credentials - This file contains the credentials of multiple named profiles including the default one. The credentials are available for each profile that we have in the config file.
jagadishm@[~/.aws]: cat credentials 
[default]
aws_access_key_id = AKIAIHJJ6T4NSENA4M3A
aws_secret_access_key = *****************


Named Profile - Aws cli supports using named profiles. The named profiles are nothing but profile which has a specific name and aws cli can use this name when invoking services in aws. A named profile can be created as,
jagadishm@[~/.aws]: aws configure --profile admin
AWS Access Key ID [None]: AKIAIHJJ6T4NSENA4M3A
AWS Secret Access Key [None]: *************
Default region name [None]: us-east-2a
Default output format [None]: json


Now if we go to the ~/.aws/config, we can see a new profile with the name created as below,
jagadishm@[~/.aws]: cat config 
[default]
region = us-east-2a
[profile admin]
output = json
region = us-east-2a


List Config Data - Aws cli allows us to list the data available using,
jagadishm@[~/.aws]: aws configure list
      Name                    Value   Type Location
      ----                    -----       ---- --------
   profile                      None None
access_key     ****************4M3A     shared-credentials-file    
secret_key     ****************PPIr        shared-credentials-file    
    region               us-east-2a         config-file ~/.aws/config

jagadishm@[~/.aws]: aws configure list --profile admin
      Name                    Value Type   Location
      ----                    ----- ----   --------
   profile                    admin manual --profile
access_key     ****************4M3A shared-credentials-file    
secret_key     ****************PPIr shared-credentials-file    
    region               us-east-2a config-file    ~/.aws/config


Try out basic commands - Once that we have configured the aws cli, we can run a few commands as below,


List all s3 buckets in the current region of us-east-2a
jagadishm@[~/.aws]: aws s3 ls
2019-07-03 11:23:13 cf-templates-1kdx3hvziz90i-us-east-1
2019-07-03 11:26:35 sample-bucket-simplesamplebucket-1tuihgl33nnsy


Using Named profile
jagadishm@[~/.aws]: aws s3 ls --profile admin
2019-07-03 11:23:13 cf-templates-1kdx3hvziz90i-us-east-1
2019-07-03 11:26:35 sample-bucket-simplesamplebucket-1tuihgl33nnsy


Hope this helps in getting you started with Aws Cli.

No comments :

Post a Comment