Aws-shell is a command-line shell program that provides convenience and productivity features to help both new and advanced users of the AWS Command Line Interface.Key features include the following. Fuzzy auto-completion for Commands (e.g. Ec2, describe-instances, sqs, create-queue) Options (e.g.instance-ids, -queue-url). AWS Lambda cheatsheet. Contribute to srcecde/aws-lambda-cheatsheet development by creating an account on GitHub. Command-line-cheat-sheet A place to quickly lookup commands (bash, Vim, git, AWS, Docker, Terraform, Ansible, kubectl). The one-page guide to AWS CLI: usage, examples, links, snippets, and more. You create a resource group with the following command If the group does not exist, this command creates the group. If the group exists, this command adds additional resources to the group. Pcs resource group remove groupname resourceid You remove a resource from a group with the following command.
Configuration files
Environment variables
Instead of using the --profile flag all the time you can simply define the profile by exporting it to your environment:
But be aware of access key preference:
If AWS_PROFILE environment variable is set and the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables are set, then the credentials provided by AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY will override the credentials located in the profile provided by AWS_PROFILE.
You have to unset both AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY and set AWS_PROFILE then it should work correctly.
Working with roles
List profile information
Configure pager
The following example sets the default to disable the use of a pager.
Aws Command Line
It can also be disable with the --no-cli-pager command line option or by setting its environment variable to an empty string:
Filter and query examples
Import credentials csv from AWS Console
The CLI docs show the following example:
However, you’ll get the following error when trying to import the csv:
That is because the file is actually missing a column called “User Name” whose value is used to name the profile.
Wrong:
Correct:
You can also use the script aws-import-credentials-csv to correctly import the csv until AWS CLI supports the csv format:
Which can be run as follows:
Using an external tool to provide AWS credentials
Aws Linux Commands Cheat Sheet
AWS CLI and programs using the AWS SDK support invoking an external program to generate credentials:
The docs say:
- output the following JSON object on stdout
- the
SessionTokenandExpirationproperties are optional
I have created the following script to retrieve AWS credentials from our password manager Bitwarden:
Then add it to your profile:
Example:
Note: You are viewing the documentation for an older major version of the AWS CLI (version 1).
AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
[ aws ]
Description¶
This section explains prominent concepts and notations in the set of high-level S3 commands provided.
Path Argument Type¶
Whenever using a command, at least one path argument must be specified. Thereare two types of path arguments: LocalPath and S3Uri.
LocalPath: represents the path of a local file or directory. It can bewritten as an absolute path or relative path.
S3Uri: represents the location of a S3 object, prefix, or bucket. Thismust be written in the form s3://mybucket/mykey where mybucket isthe specified S3 bucket, mykey is the specified S3 key. The path argumentmust begin with s3:// in order to denote that the path argument refers toa S3 object. Note that prefixes are separated by forward slashes. Forexample, if the S3 object myobject had the prefix myprefix, theS3 key would be myprefix/myobject, and if the object was in the bucketmybucket, the S3Uri would be s3://mybucket/myprefix/myobject.
S3Uri also supports S3 access points. To specify an access point, thisvalue must be of the form s3://<access-point-arn>/<key>. For example ifthe access point myaccesspoint to be used has the ARN:arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint and the objectbeing accessed has the key mykey, then the S3URI used must be:s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/mykey.Similar to bucket names, you can also use prefixes with access point ARNs forthe S3Uri. For example:s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/myprefix/
The higher level s3 commands do not support access point object ARNs.For example, if the following was specified:s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/object/mykeythe S3URI will resolve to the object key object/mykey
Order of Path Arguments¶
Every command takes one or two positional path arguments. The first pathargument represents the source, which is the local file/directory or S3object/prefix/bucket that is being referenced. If there is a second pathargument, it represents the destination, which is the local file/directoryor S3 object/prefix/bucket that is being operated on. Commands with onlyone path argument do not have a destination because the operation is beingperformed only on the source.
Single Local File and S3 Object Operations¶
Some commands perform operations only on single files and S3 objects. Thefollowing commands are single file/object operations if no --recursiveflag is provided.
For this type of operation, the first path argument, the source, must existand be a local file or S3 object. The second path argument, the destination,can be the name of a local file, local directory, S3 object, S3 prefix,or S3 bucket.
The destination is indicated as a local directory, S3 prefix, or S3 bucketif it ends with a forward slash or back slash. The use of slash dependson the path argument type. If the path argument is a LocalPath,the type of slash is the separator used by the operating system. If thepath is a S3Uri, the forward slash must always be used. If a slashis at the end of the destination, the destination file or object willadopt the name of the source file or object. Otherwise, if there is noslash at the end, the file or object will be saved under the name provided.See examples in cp and mv to illustrate this description.
Directory and S3 Prefix Operations¶
Some commands only perform operations on the contents of a local directoryor S3 prefix/bucket. Adding or omitting a forward slash or back slash tothe end of any path argument, depending on its type, does not affect theresults of the operation. The following commands will always result ina directory or S3 prefix/bucket operation:
- sync
- mb
- rb
- ls
Use of Exclude and Include Filters¶
Currently, there is no support for the use of UNIX style wildcards ina command's path arguments. However, most commands have --exclude'<value>'and --include'<value>' parameters that can achieve the desired result.These parameters perform pattern matching to either exclude or includea particular file or object. The following pattern symbols are supported.
- *: Matches everything
- ?: Matches any single character
- [sequence]: Matches any character in sequence
- [!sequence]: Matches any character not in sequence
Any number of these parameters can be passed to a command. You can do this byproviding an --exclude or --include argument multiple times, e.g.--include'*.txt'--include'*.png'.When there are multiple filters, the rule is the filters that appear later inthe command take precedence over filters that appear earlier in the command.For example, if the filter parameters passed to the command were
All files will be excluded from the command except for files ending with.txt However, if the order of the filter parameters was changed to
All files will be excluded from the command.
Aws Cli Commands Cheat Sheet
Each filter is evaluated against the source directory. If the sourcelocation is a file instead of a directory, the directory containing the file isused as the source directory. For example, suppose you had the followingdirectory structure:
In the command awss3sync/tmp/foos3://bucket/ the source directory is/tmp/foo. Any include/exclude filters will be evaluated with the sourcedirectory prepended. Below are several examples to demonstrate this.
Given the directory structure above and the commandawss3cp/tmp/foos3://bucket/--recursive--exclude'.git/*', thefiles .git/config and .git/description will be excluded from thefiles to upload because the exclude filter .git/* will have the sourceprepended to the filter. This means that:
The command awss3cp/tmp/foo/s3://bucket/--recursive--exclude'ba*'will exclude /tmp/foo/bar.txt and /tmp/foo/baz.jpg:
Note that, by default, all files are included. This means thatproviding only an --include filter will not change whatfiles are transferred. --include will only re-include files thathave been excluded from an --exclude filter. If you only wantto upload files with a particular extension, you need to first excludeall files, then re-include the files with the particular extension.This command will upload only files ending with .jpg:
Aws Cloud Cheat Sheet
If you wanted to include both .jpg files as well as .txt files youcan run:
See 'aws help' for descriptions of global parameters.
Synopsis¶
Options¶
None
See 'aws help' for descriptions of global parameters.
Available Commands¶