AWS CLI Commands Cheatsheet

What is AWS CLI?

“The AWS Command Line Interface (AWS CLI) is an open source tool that enables you to interact with AWS services using commands in your command-line shell.”

Knowing how to interact with the AWS Services via the Console or APIs is insufficient and learning how to leverage CLI is an important aspect of AWS, especially for developers. After installation, it can be used to retrieve data quickly and automate processes. AWS CLI can be used to control all the existing services from a single tool.

AWS CLI Versions

• Version 2.x — The current version is primarily used in production environments.

• Version 1.x — The previous version is available for backward compatibility.

AWS CLI Command Structure

• Regular command structure

$ aws ec2 import-key-pair --key-name KeyPair.pem --public-key-material file:///Users/<*mac-user-name*>/Downloads/KeyPair.pem

• Multi-line command structure

$ aws ec2 import-key-pair \

> --key-name KeyPair.pem \

> --public-key-material file:///Users/<*mac-user-name*>/Downloads/KeyPair.pem

• Using wait command pauses and resumes execution after confirming that the operation is ready to run

$ aws iam wait user-exists --user-name default

• Using the wizard to call the CLI Wizard GUI

$ aws iam wizard

• Create an alias for frequently used commands

$ whoami = sts get-caller-identity

AWS CLI Commands

• To check the existing version of AWS CLI

  $ aws --version

• To check where AWS CLI is installed

  $ which aws

• Uninstall Version 1.x — when installed using pip

  $ pip3 uninstall awscli

• Uninstall Version 1.x — when installed using bundler installer

  $ sudo rm -rf /usr/local/aws

  $ sudo rm /usr/local/bin/aws

• Install Version 2.x which supports multiple platforms including:

1. macOS

2. Windows

3. Linux

4. Docker

• macOS install using the bundler installer user interface (append specific version number at the end of the URL) — download the .pkg file and follow all the on-screen instructions

https://awscli.amazonaws.com/AWSCLIV2.pkg

Version 2 https://awscli.amazonaws.com/AWSCLIV2-2.0.30.pkg

Version 1 https://s3.amazonaws.com/aws-cli/awscli-bundle-1.19.3.zip

Installation is possible from two perspectives — root user for all the users on the computer (with sudo) or current user (without sudo)

• macOS install using the CLI

  curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"

  // curl "https://awscli.amazonaws.com/AWSCLIV2-2.0.30.pkg" -o "AWSCLIV2.pkg" -> for Version 2.x

  sudo installer -pkg AWSCLIV2.pkg -target /

• To uninstall AWS CLI Version 2.x

  $ s -l /usr/local/bin/aws

  $ sudo rm /usr/local/bin/aws_completer

  $ sudo rm -rf /usr/local/aws-cli

• To configure the AWS CLI, the default profile values are prompted for and are stored in the credentials file

  $ aws configure

  AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE

  AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

  Default region name [None]: us-east-1

  Default output format [None]: JSON

// DEFAULT VALUES

[default]
aws_access_key_id = EXAMPLE
aws_secret_access_key = EXAMPLEKEY
region = us-west-2
output = json

• To configure a profile produser with different access keys, region and output settings

  $ aws configure --profile produser

• To access data authorized for a specific user produser (user with AdministratorAccess policy), in this case, S3 bucket information

  $ aws s3 ls --profile produser

• To change the setting for a profile produser and retrieve the setting to view confirm the change

  $ aws configure set region us-west-2 --profile produser

  $ aws configure get region --profile produser

• To remove a setting from a profile

  $ aws configure set cli_pager "" --profile produser

  $ aws configure get cli_pager --profile produser

• To check existing profiles and switch between profiles

  $ aws configure list-profile

  $ export AWS_PROFILE=MadhuNimeshika

  $ aws configure list

• To import .csv files generated in the IAM Console and display user details

  $ cd <.csv-path>

  $ aws configure import --csv file://new_user_credentials.csv

  $ aws configure list

• To set Environment Variables

  $ export AWS_ACCESS_KEY_ID = AKIAIOSFODNN7EXAMPLE

  $ export AWS_SECRET_ACCESS_KEY = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

  $ export AWS_DEFAULT_REGION = us-west-2

• To check config file

  $ cd /Users/<mac-user-name>/.aws

  $ ls

  $ cat config

• To enable command completion

1. Confirm that the aws completer folder is in your shell path

   $ which aws_completer

2. Enable command completion after confirmation

   $ complete -C '/usr/local/bin/aws_completer' aws

3. Verify command completion working

   $ aws sTAB

   $ aws eTAB

• Auto prompt searches and suggest all the possible commands

1. To use auto-prompt in ‘full mode’ and view documentation (press F3)

   $ aws --cli-auto-prompt

2. To use auto-prompt in ‘partial mode’

   $ aws <service-name> --cli-auto-prompt

• To get help

  $ aws help

  $ aws <service-name> help

  $ aws <service-name> <operation> help

• To set output format from the available options — json, text, table yaml, yaml-stream

  $ aws iam list-users --output json

  $ aws iam list-users --output text

existing IAM user data in json and text formats

• To get a return code to confirm the status of the command

  $ echo $?

AWS CLI return codes

• To configure a wizard in the CLI

  $ aws configure wizard

$ aws configure wizard

add credentials for the profile — integ

• To use Wizard (only available for specific services)

1. Following AWS Services have the wizard option

• aws configure

• dynamodb (new-table)

• iam (new-role)

• events (new-rule)

• lambda (new-function)

2. Use the wizard option in the command to call the Wizard GUI

• To create and use aliases for frequently used CLI commands

1. Create an alias file with no extension in your existing .aws configuration folder and echo ‘top level’

You can edit the alias file directly using any text editor or using vim in the terminal

$ mkdir -p ~/.aws/cli

$ echo '[toplevel]' > ~/.aws/cli/alias

2. Create alias (via CLI or add via text editor to the alias file) and call alias

The [top-level] command is required for all alias files. An error -unable to parse config file .aws/cli/alias will be shown.

$ mkdir -p ~/.aws/cli

$ echo '[toplevel]' > ~/.aws/cli/alias

$ vim ~/.aws/cli/alias

[toplevel]

listbucket = s3 ls

$ aws listbucket

using an alias to retrieve bucket details

Locate AWS CLI files in your Mac

1. Open Finder

2. Open your Mac — Volume under locations

3. Open Users

4. Open your <mac-user-name> folder

5. Open the .aws folder

You should be able to see the config, credentials, and any other files created

.aws files location

References

AWS has a lot of documentation on the CLI. These are the ones I followed to write this blog.

1. AWS CLI Command Reference

2. AWS CLI — Github for Version 2.x

3. AWS Aliases — Github

If you stuck around to read this blog till here, thank you! Hope it was helpful.

Let me know if there are any other commands that you use that I haven’t included and I will look into adding them here.