AWS/CLI

From r00tedvw.com wiki
(Difference between revisions)
Jump to: navigation, search
(Setup Credentials AWS CLI)
Line 64: Line 64:
 
* Credentials - <code> ~/.aws/credentials </code>
 
* Credentials - <code> ~/.aws/credentials </code>
 
* Configuration - <code> ~/.aws/config </code>
 
* Configuration - <code> ~/.aws/config </code>
 +
<br>
 +
Test your credentials by using a simple query to look at users in IAM.
 +
<nowiki>~$ aws iam list-users</nowiki>

Revision as of 13:40, 4 October 2019

Quick Reference | AWS CLI

Contents

Installation (CentOS7)

Install EPEL

~$ sudo yum install -y epel-release
sudo yum makecache

Find and install PIP

~$ sudo yum search pip | grep python3
python34-pip.noarch : A tool for installing and managing Python3 packages
python36-pip.noarch : A tool for installing and managing Python3 packages
~$ sudo yum install -y python36-pip

Verify PIP

~$ pip3 -V
pip 8.1.2 from/usr/lib/python3.6/site-packages (python 3.6)

Upgrade PIP

~$ sudo pip3 install --upgrade pip
~$ pip -V
pip 19.1 from /usr/local/lib/python3.6/site-packages/pip (python 3.6)

Install AWS CLI

~$ $ pip search awscli | grep "awscli ("
okta-awscli (0.4.0)                          - Provides a wrapper for Okta authentication to awscli
awscli (1.16.145)                            - Universal Command Line Environment for AWS.
~$ pip install awscli --upgrade --user

Verify AWS CLI

~$ aws --version
aws-cli/1.16.145 Python/3.6.6 Linux/3.10.0-957.10.1.el7.x86_64 botocore/1.12.135

Installation (MacOSX)

Make sure you have python 2.65+

~$ python --version                                                                                                     
Python 2.7.10

Download, unzip, and install via script.

~$ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
~$ unzip awscli-bundle.zip
~$ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

Credentials

Get your access and secret keys from:

  • AWS Management Console > [click] username > [click] My Security Credentials
  • [click] Create access key > [copy] Access Key ID > [click] Show secret access key > [copy] secret access key
    • NOTE: you will never be able to access the secret access key again. Make sure you copy it, otherwise you'll have to create a new key.

Credentials for role user

Say you want to get an access and secret key for a role user that you can switch to:

  • AWS Management Console > [click] services > [click] IAM under Security, Identity, & Compliance > [click] Users
  • Add User > give them a user name > select "Programmatic access" for the Access type > for permissions I assigned "AdministratorAccess".
  • [click] on the new user under Users > [click] Security Credentials tab > create access key > copy access and secret keys.
    • NOTE: you will never be able to access the secret access key again. Make sure you copy it, otherwise you'll have to create a new key.

Setup Credentials AWS CLI

reference: https://blog.gruntwork.io/authenticating-to-aws-with-the-credentials-file-d16c0fbcbf9e
reference: https://blog.gruntwork.io/authenticating-to-aws-with-environment-variables-e793d6f6d02e

~$ aws configure
AWS Access Key ID [none]:  {access key}
AWS Secret Access Key [none]: {secret key}
Default region name [none]: {preferred region}
Default output format [none]: {preferred output}

ie.
~$ aws configure
AWS Access Key ID [none]:  ODH1748RKHR48892743
AWS Secret Access Key [none]: 48RJHJHD39739DHJHDUOHOI3719457DVMBNH
Default region name [none]: us-east-1
Default output format [none]: json

This will save the info in:

  • Credentials - ~/.aws/credentials
  • Configuration - ~/.aws/config


Test your credentials by using a simple query to look at users in IAM.

~$ aws iam list-users
Personal tools
Namespaces

Variants
Actions
Navigation
Mediawiki
Confluence
DevOps Tools
Open Source Products
Ubuntu
Ubuntu 22
Mac OSX
Oracle Linux
AWS
Windows
OpenVPN
Grafana
InfluxDB2
TrueNas
MagicMirror
OwnCloud
Pivotal
osTicket
OTRS
phpBB
WordPress
VmWare ESXI 5.1
Crypto currencies
HTML
CSS
Python
Java Script
PHP
Raspberry Pi
Canvas LMS
Kaltura Media Server
Plex Media Server
MetaSploit
Zoneminder
ShinobiCE
Photoshop CS2
Fortinet
Uploaded
Certifications
General Info
Games
Meal Plans
NC Statutes
2020 Election
Volkswagen
Covid
NCDMV
Toolbox