AWS Command Line Interface

Table of Contents

Reference

Configure

# when '--profile' omitted, considered it as 'default'
$ aws configure --profile user2
AWS Access Key ID [None]: AKIAI44QH8DHBEXAMPLE
AWS Secret Access Key [None]: je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY
Default region name [None]: us-east-1
Default output format [None]: text
# Specify options as arguments
aws ec2 describe-instances --output table --region us-west-1

CLI Skeleton and CLI Input JSON

  1. Run a command only with --generate-cli-skeleton flag
  2. Save the output as a file like params.json, and fill it with actual values
  3. Run the command with --cli-input-json file://params.json

Output Flags

--output json
Default
--output text
Tab-delimited text
--output table
ASCII-formatted table

You can configure the default in the configuration file or AWS_DEFAULT_OUTPUT environment variable.

You can also filter the output with --query flag. This feature is implemented with JMESPath:

$ aws ec2 describe-volumes
{
    "Volumes": [
        {
            "AvailabilityZone": "us-west-2a",
            "Attachments": [
                {
                    "AttachTime": "2013-09-17T00:55:03.000Z",
                    "InstanceId": "i-a071c394",
                    "VolumeId": "vol-e11a5288",
                    "State": "attached",
                    "DeleteOnTermination": true,
                    "Device": "/dev/sda1"
                }
            ],
            "VolumeType": "standard",
            "VolumeId": "vol-e11a5288",
            "State": "in-use",
            "SnapshotId": "snap-f23ec1c8",
            "CreateTime": "2013-09-17T00:55:03.000Z",
            "Size": 30
        },
        {
            "AvailabilityZone": "us-west-2a",
            "Attachments": [
                {
                    "AttachTime": "2013-09-18T20:26:16.000Z",
                    "InstanceId": "i-4b41a37c",
                    "VolumeId": "vol-2e410a47",
                    "State": "attached",
                    "DeleteOnTermination": true,
                    "Device": "/dev/sda1"
                }
            ],
            "VolumeType": "standard",
            "VolumeId": "vol-2e410a47",
            "State": "in-use",
            "SnapshotId": "snap-708e8348",
            "CreateTime": "2013-09-18T20:26:15.000Z",
            "Size": 8
        }
    ]
}
# First element
aws ec2 describe-volumes --query 'Volumes[0]'

# Aliased
aws ec2 describe-volumes --query 'Volumes[*].{ID:VolumeId,AZ:AvailabilityZone,Size:Size}'

# Value only
aws ec2 describe-volumes --query 'Volumes[*].[VolumeId, Attachments[0].InstanceId, AvailabilityZone, Size]'

# Conditional
aws ec2 describe-volumes --query 'Volumes[?AvailabilityZone==`us-west-2a`]'

ec2

# Make the instance terminable (Disable Termination Protection)
aws ec2 modify-instance-attribute --instance-id <value> --no-disable-api-termination

# Retrieve availability zones
aws ec2 describe-availability-zones --region eu-west-1

aws ec2 describe-images | grep ubuntu
aws ec2 describe-images --owners 099720109477 --filters 'Name=name,Values=*ubuntu-*-16.04*' --query 'Images[*].{NAME: Name, ID: ImageId}' --output text

iam

aws iam list-users --output table
aws iam list-users --output json | jq -r .Users[].Arn

Environment Variables

export AWS_ACCESS_KEY_ID=''
export AWS_SECRET_ACCESS_KEY=''
export AWS_DEFAULT_REGION=''