The new AWS CLI - AWS Atlanta meetup 02/19/2014

1,365 views
1,133 views

Published on

Using the consolidated AWS CLI (command line interface) which was written in python.
Installing on both Windows and linux and example commands.

Slides from the AWS-Atlanta Mettup group on 2014-02-19

Published in: Technology

The new AWS CLI - AWS Atlanta meetup 02/19/2014

  1. 1. The new AWS CLI Installing and using the new python tools with an emphasis on passwordless usage using IAM instance roles
  2. 2. The new AWS CLI Presented by Adam Book from Find me on LinkedIn
  3. 3. Using the AWS CLI What used to be out there? Each service / team made their own set of tools which required a separate type of call and credential file.
  4. 4. Using the AWS CLI Some of the available services from the AWS CLI • • • • • • AutoScaling EC2 IAM DynamoDB Elastic Load Balancers Elastic IP Addresses • • • • • • • RDS (Relational Data Service) Redshift Route 53 Simple Storage Service (S3) buckets SES (Simple Email Service) AWS Identity & Access Management Policies Much More
  5. 5. Installing the AWS CLI Installing the AWS CLI on Windows
  6. 6. Installing the AWS CLI Installing the CLI on Windows Windows XP or later is needed The easiest way is to use the MSI (32 & 64 bit) https://s3.amazonaws.com/aws-cli/AWSCLI64.msi https://s3.amazonaws.com/aws-cli/AWSCLI32.msi
  7. 7. Installing the AWS CLI Installing the AWS CLI on Linux Pre-requisites: Python 2.6.3 or later Python PiP sudo apt-get install python-pip OR sudo yum install python-pip
  8. 8. Installing the AWS CLI Once pip is installed then pip install awscli OR to upgrade Pip install –-upgrade awscli Then test the installation aws help
  9. 9. A matter of credentials The new python tool can use credentials in a few different ways: • By finding the credentials from previous CLI tools • By declaring credentials • By using an IAM instance profile
  10. 10. Adding Your Credentials If you need to add your credentials to a new instance (or update your credentials) you can do so from the command line $aws configure AWS Access Key ID [None]:AKIAIOSFODNN7EXAMPLE AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Default region name [None]: us-west-2 Default output format [None]: json
  11. 11. Multiple Accounts One of the nice things about the new AWS CLI is that you can have multiple account credentials in the configuration file
  12. 12. Multiple Accounts $vi ~/.aws/config [default] aws_access_key_id = AKIAIOSFODNN7EXAMPLE aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Default_region_name = us-east-1 [beta] aws_access_key_id = AKIAIOSFODNN7BETA aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYBETA Default_region_name = us-west-1
  13. 13. IAM Instance Roles IAM roles allow applications in your EC2 instances to Act on your behalf. Like an IAM user, you use IAM policies to allow your EC2 instances access to specific AWS services.
  14. 14. Basic Commands pt 1 Working with EC2 instances Locating by instance ID $aws ec2 describe-instances –filters “Name=instance-id, Values=i-ddd11dd1” –region=us-east-1 Locating by Tag/Value pairs $aws ec2 describe-instances –filters “Name=tag-key, Values=Phase, Name=tag-value,Values=Testing” –region=us-west-1 Copy Image from one region to another $aws ec2 copy-image –-source-image-id ami-1234567a -–source-region us-east-1 –-region us-west-1 –name “US West Copy”
  15. 15. Basic Commands pt 2 Working with EC2 instances Taking a snapshot $aws ec2 create-snapshot –-volume-id vol-000aa111 --description “Test Snapshot” –region=us-west-1 Describe Spot Price History $aws ec2 describe-spot-price-history –instance-types m1.large -–region=us-west-1
  16. 16. Basic Commands pt 4 Working with S3 buckets Listing buckets $aws s3 ls –region=us-west-1 Creating a bucket $aws s3 mb s3://awsatlantanewbucket –region=us-west-1 Putting an object up to a bucket (with server side encryption) $aws s3 cp ~/testfile.txt s3://awsatlantanewbucket/testfile.txt –sse --region=us-west-1
  17. 17. Basic Commands pt 3 Sending emails with SES NOTE: you must have an approved email address that is out of the the sandbox $aws ses send-email --from test@openspan.com --subject “test" --to test@openspan.com --text “test" --region us-east-1

×