AwsCliCheatsheet

AWS CLI Commands Cheatsheet

All the generic AWS CLI Commands you need to know — MacOS Specific

ByDasika Madhu

image

What is AWS CLI?

“The AWS Command Line Interface (AWS CLI) is an open source tool that enables you to interact with AWS services using commands in your command-line shell.”

Knowing how to interact with the AWS Services via the Console or APIs is insufficient and learning how to leverage CLI is an important aspect of AWS, especially for developers. After installation, it can be used to retrieve data quickly and automate processes. AWS CLI can be used to control all the existing services from a single tool.

AWS CLI Versions

  • Version 2.x — The current version is primarily used in production environments.

  • Version 1.x — The previous version is available for backward compatibility.

AWS CLI Command Structure

  • Regular command structure

AWS CLI Command Structure

$ aws ec2 import-key-pair --key-name KeyPair.pem --public-key-material file:///Users/<*mac-user-name*>/Downloads/KeyPair.pem
  • Multi-line command structure

AWS CLI Multi-Line Command Structure

$ aws ec2 import-key-pair \

> --key-name KeyPair.pem \

> --public-key-material file:///Users/<*mac-user-name*>/Downloads/KeyPair.pem
  • Using wait command pauses and resumes execution after confirming that the operation is ready to run

AWS CLI Command Structure including ‘wait’

$ aws iam wait user-exists --user-name default
  • Using the wizard to call the CLI Wizard GUI

AWS CLI Command to generate Wizard GUI

$ aws iam wizard
  • Create an alias for frequently used commands

AWS CLI syntax to create alias

$ whoami = sts get-caller-identity

AWS CLI Commands

  • To check the existing version of AWS CLI

    $ aws --version

AWS CLI Version

  • To check where AWS CLI is installed

    $ which aws

Where AWS CLI is installed

  • Uninstall Version 1.x — when installed using pip

    $ pip3 uninstall awscli

Uninstalling AWS CLI Version 1.x — pip

  • Uninstall Version 1.x — when installed using bundler installer

    $ sudo rm -rf /usr/local/aws

    $ sudo rm /usr/local/bin/aws

Uninstalling AWS CLI Version 1.x — bundler installer

  • Install Version 2.x which supports multiple platforms including:

  1. macOS

  2. Windows

  3. Linux

  4. Docker

  • macOS install using the bundler installer user interface (append specific version number at the end of the URL) — download the .pkg file and follow all the on-screen instructions

https://awscli.amazonaws.com/AWSCLIV2.pkg

Version 2 https://awscli.amazonaws.com/AWSCLIV2-2.0.30.pkg

Version 1 https://s3.amazonaws.com/aws-cli/awscli-bundle-1.19.3.zip

Installation is possible from two perspectives — root user for all the users on the computer (with sudo) or current user (without sudo)

  • macOS install using the CLI

    curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"

    // curl "https://awscli.amazonaws.com/AWSCLIV2-2.0.30.pkg" -o "AWSCLIV2.pkg" -> for Version 2.x

    sudo installer -pkg AWSCLIV2.pkg -target /

AWS CLI Installation

  • To uninstall AWS CLI Version 2.x

    $ s -l /usr/local/bin/aws

    $ sudo rm /usr/local/bin/aws_completer

    $ sudo rm -rf /usr/local/aws-cli

Uninstall AWS CLI

  • To configure the AWS CLI, the default profile values are prompted for and are stored in the credentials file

    $ aws configure

    AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE

    AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

    Default region name [None]: us-east-1

    Default output format [None]: JSON

aws configure

// DEFAULT VALUES

[default]
aws_access_key_id = EXAMPLE
aws_secret_access_key = EXAMPLEKEY
region = us-west-2
output = json

  • To configure a profile produser with different access keys, region and output settings

    $ aws configure --profile produser

aws configure — profile

  • To access data authorized for a specific user produser (user with AdministratorAccess policy), in this case, S3 bucket information

    $ aws s3 ls --profile produser

Listing S3 Buckets

  • To change the setting for a profile produser and retrieve the setting to view confirm the change

    $ aws configure set region us-west-2 --profile produser

    $ aws configure get region --profile produser

set and get region

  • To remove a setting from a profile

    $ aws configure set cli_pager "" --profile produser

    $ aws configure get cli_pager --profile produser

Edit settings of an existing profile

  • To check existing profiles and switch between profiles

    $ aws configure list-profile

    $ export AWS_PROFILE=MadhuNimeshika

    $ aws configure list

Display existing profiles and switching between them

  • To import .csv files generated in the IAM Console and display user details

    $ cd <.csv-path>

    $ aws configure import --csv file://new_user_credentials.csv

    $ aws configure list

Import and display user .csv file details

  • To set Environment Variables

    $ export AWS_ACCESS_KEY_ID = AKIAIOSFODNN7EXAMPLE

    $ export AWS_SECRET_ACCESS_KEY = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

    $ export AWS_DEFAULT_REGION = us-west-2

  • To check config file

    $ cd /Users/<mac-user-name>/.aws

    $ ls

    $ cat config

config details

  • To enable command completion

  1. Confirm that the aws completer folder is in your shell path

    $ which aws_completer

To confirm the completer’s folder is in your path

  1. Enable command completion after confirmation

    $ complete -C '/usr/local/bin/aws_completer' aws

  2. Verify command completion working

    $ aws sTAB

    $ aws eTAB

Command Completion in AWS CLI

  • Auto prompt searches and suggest all the possible commands

  1. To use auto-prompt in ‘full mode’ and view documentation (press F3)

    $ aws --cli-auto-prompt

“full mode” auto-prompt & documentation

  1. To use auto-prompt in ‘partial mode’

    $ aws <service-name> --cli-auto-prompt

“partial mode” auto-prompt

“partial mode” auto-prompt output

  • To get help

    $ aws help

    $ aws <service-name> help

    $ aws <service-name> <operation> help

$ aws help

$ aws s3 help

$ aws ec2 describe-instances help

  • To set output format from the available options — json, text, table yaml, yaml-stream

    $ aws iam list-users --output json

    $ aws iam list-users --output text

existing IAM user data in json and text formatsexisting IAM user data in json and text formats

  • To get a return code to confirm the status of the command

    $ echo $?

AWS CLI return codesAWS CLI return codes

  • To configure a wizard in the CLI

    $ aws configure wizard

$ aws configure wizard$ aws configure wizard

add credentials for the profile — integadd credentials for the profile — integ

  • To use Wizard (only available for specific services)
  1. Following AWS Services have the wizard option

  • aws configure

  • dynamodb (new-table)

  • iam (new-role)

  • events (new-rule)

  • lambda (new-function)

  1. Use the wizard option in the command to call the Wizard GUI

$ aws configure wizard

$ aws lambda wizard

$ aws iam wizard new-role — add role name & description

$ aws iam wizard new-role — choose which service the role can use

$ aws iam wizard new-role — attach existing policies

$ aws iam wizard new-role — cli config

$ aws iam wizard new-role — preview

$ aws iam wizard new-role — preview

$ aws iam wizard new-role — create a new role

Created role using iam wizard

  • To create and use aliases for frequently used CLI commands
  1. Create an alias file with no extension in your existing .aws configuration folder and echo ‘top level’

You can edit the alias file directly using any text editor or using vim in the terminal

$ mkdir -p ~/.aws/cli

$ echo '[toplevel]' > ~/.aws/cli/alias

2. Create alias (via CLI or add via text editor to the alias file) and call alias

The [top-level] command is required for all alias files. An error -unable to parse config file .aws/cli/alias will be shown.

$ mkdir -p ~/.aws/cli

$ echo '[toplevel]' > ~/.aws/cli/alias

$ vim ~/.aws/cli/alias

[toplevel]

listbucket = s3 ls

$ aws listbucket

using an alias to retrieve bucket detailsusing an alias to retrieve bucket details

Locate AWS CLI files in your Mac

  1. Open Finder

  2. Open your Mac — Volume under locations

  3. Open Users

  4. Open your <mac-user-name> folder

  5. Open the .aws folder

You should be able to see the config, credentials, and any other files created

.aws files location.aws files location

References

AWS has a lot of documentation on the CLI. These are the ones I followed to write this blog.

  1. AWS CLI Command Reference

  2. AWS CLI — Github for Version 2.x

  3. AWS Aliases — Github

If you stuck around to read this blog till here, thank you! Hope it was helpful.

Let me know if there are any other commands that you use that I haven’t included and I will look into adding them here.

Enjoyed this article?

Share it with your network to help others discover it

LinkedIn logo for sharing a link
Twitter logo for sharing a linkReddit logo for sharing a link

Continue Learning

Discover more articles on similar topics

How to Automate AWS IAM Best Practices Using the Principle of Least Privilege

AWS IAM automation with Klotho to help you implement security best practices via Infrastructure-as-Code, and abstracting the complexity of writing least privilege IAM policies away from your developers.

AwsIamAws iam

How to Push a Docker Image to the AWS ECR

In this tutorial, I will show how to push an image to AWS. All the steps shown below were performed on Ubuntu 18 with Docker version 19.03.6 and AWS CLI version 2 installed.

DockerAwsEcr

AWS S3: Different Types of Storage Types Available in S3

AWS S3: Generating Logs in S3 Bucket

AwsS3Storage

Setting up Kubernetes RBAC in Amazon EKS

AwsCloudAmazon eks

What is Lambda Throttling and How to Fix it?

AWSLambdaThrottling

Using AWS for Media Storage: A Practical Guide

AwsCloudCloud storage