AWS/CLI
From r00tedvw.com wiki
Quick Reference | AWS CLI
Contents |
Installation (CentOS7)
Install EPEL
~$ sudo yum install -y epel-release sudo yum makecache
Find and install PIP
~$ sudo yum search pip | grep python3 python34-pip.noarch : A tool for installing and managing Python3 packages python36-pip.noarch : A tool for installing and managing Python3 packages ~$ sudo yum install -y python36-pip
Verify PIP
~$ pip3 -V pip 8.1.2 from/usr/lib/python3.6/site-packages (python 3.6)
Upgrade PIP
~$ sudo pip3 install --upgrade pip ~$ pip -V pip 19.1 from /usr/local/lib/python3.6/site-packages/pip (python 3.6)
Install AWS CLI
~$ $ pip search awscli | grep "awscli (" okta-awscli (0.4.0) - Provides a wrapper for Okta authentication to awscli awscli (1.16.145) - Universal Command Line Environment for AWS. ~$ pip install awscli --upgrade --user
Verify AWS CLI
~$ aws --version aws-cli/1.16.145 Python/3.6.6 Linux/3.10.0-957.10.1.el7.x86_64 botocore/1.12.135
Installation (MacOSX)
Make sure you have python 2.65+
~$ python --version Python 2.7.10
Download, unzip, and install via script.
~$ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip" ~$ unzip awscli-bundle.zip ~$ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
Credentials
Get your access and secret keys from:
- AWS Management Console > [click] username > [click] My Security Credentials
- [click] Create access key > [copy] Access Key ID > [click] Show secret access key > [copy] secret access key
- NOTE: you will never be able to access the secret access key again. Make sure you copy it, otherwise you'll have to create a new key.
Credentials for role user
Say you want to get an access and secret key for a role user that you can switch to:
- AWS Management Console > [click] services > [click] IAM under Security, Identity, & Compliance > [click] Users
- Add User > give them a user name > select "Programmatic access" for the Access type > for permissions I assigned "AdministratorAccess".
- [click] on the new user under Users > [click] Security Credentials tab > create access key > copy access and secret keys.
- NOTE: you will never be able to access the secret access key again. Make sure you copy it, otherwise you'll have to create a new key.
Setup Credentials AWS CLI
reference: https://blog.gruntwork.io/authenticating-to-aws-with-the-credentials-file-d16c0fbcbf9e
reference: https://blog.gruntwork.io/authenticating-to-aws-with-environment-variables-e793d6f6d02e
~$ aws configure AWS Access Key ID [none]: {access key} AWS Secret Access Key [none]: {secret key} Default region name [none]: {preferred region} Default output format [none]: {preferred output} ie. ~$ aws configure AWS Access Key ID [none]: ODH1748RKHR48892743 AWS Secret Access Key [none]: 48RJHJHD39739DHJHDUOHOI3719457DVMBNH Default region name [none]: us-east-1 Default output format [none]: json
This will save the info in:
- Credentials -
~/.aws/credentials
- Configuration -
~/.aws/config