4124. AWS-EC2-Command LineAWS, EC2, and Command Line
Use command line to interact with AWS services.
1. The AWS Command Line
1.1 What is AWS Command Line?
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
- You can interact with AWS from anywhere in the world just by using the command line interface(CLI).
- You will need to set up access in IAM.
2. Lab - AWS Command Line Interface
2.1 Remote SSH
Start EC2 instance and get its public IP. SSH to it remotely.
>ssh ec2-user@18.234.185.140 -i johnny-aws-ec2-keypair.pem The authenticity of host '18.234.185.140 (18.234.185.140)' can't be established. ECDSA key fingerprint is SHA256:U8mtdYsvO0ltiT2L/GY+p+4+n/td8Q7qzWkGovkIlPI. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '18.234.185.140' (ECDSA) to the list of known hosts. Last login: Mon Sep 9 15:40:49 2019 from 169.145.92.73 __| __|_ ) _| ( / Amazon Linux 2 AMI ___|\___|___| https://aws.amazon.com/amazon-linux-2/ [ec2-user@ip-172-31-93-212 ~]$ sudo su [root@ip-172-31-93-212 ec2-user]# ls 2.2 Interacting with S3
Use aws s3 ls to list all existing s3 buckets, error occurs.
[root@ip-172-31-93-212 ec2-user]# aws s3 ls Unable to locate credentials. You can configure credentials by running "aws configure". [root@ip-172-31-93-212 ec2-user]# Create a new user and download the secure csv which contains id/keys. Use them with aws configure to setup configuration.
[root@ip-172-31-93-212 ec2-user]# aws configure AWS Access Key ID [None]: ****************** AWS Secret Access Key [None]: *************************************** Default region name [None]: us-east-1 Default output format [None]: [root@ip-172-31-93-212 ec2-user]# Then, try again. All existing s3 buckets are listed.
[root@ip-172-31-93-212 ec2-user]# aws s3 ls 2019-09-08 23:29:38 bucket-replication-destination 2019-09-08 20:34:17 johnnyawsguru-s3-01 2019-09-08 22:41:06 johnnyawsguru-version-01 2.3 AWS Credentials
Actually, the ‘aws configure’ command stores the credentials to file, which is stored in ‘~/.aws/credentials’.
[root@ip-172-31-93-212 ec2-user]# cd ~ [root@ip-172-31-93-212 ~]# ls -la total 20 dr-xr-x--- 4 root root 115 Sep 9 20:53 . dr-xr-xr-x 18 root root 257 Sep 9 15:39 .. drwxr-xr-x 2 root root 39 Sep 9 20:53 .aws -rw-r--r-- 1 root root 18 Oct 18 2017 .bash_logout -rw-r--r-- 1 root root 176 Oct 18 2017 .bash_profile -rw-r--r-- 1 root root 176 Oct 18 2017 .bashrc -rw-r--r-- 1 root root 100 Oct 18 2017 .cshrc drwx------ 2 root root 29 Sep 9 15:39 .ssh -rw-r--r-- 1 root root 129 Oct 18 2017 .tcshrc [root@ip-172-31-93-212 ~]# cd .aws [root@ip-172-31-93-212 .aws]# ls config credentials [root@ip-172-31-93-212 .aws]# nano credentials 