AWS Common CLI commands

Pankaj kushwaha
Jun 20, 2020

Operations on AWS services can be performed through the management console, SDKs, the CLI, and APIs in various languages. The management console is the simplest and is operated directly through the web interface, but some services, or certain operations of a service, cannot be called from the console. The API method is the most complicated: you need to generate the hash value that signs each request and handle request errors yourself. At the operation level, most AWS services provide REST APIs and REST-like query APIs, and the service operations provided by the API are the latest and most comprehensive. The benefit of the SDK is that it encapsulates request signing, request error handling, and retry mechanisms, so users only need to call the relevant interface, but support for new services and operations may lag behind the release of the API. The CLI can also be regarded as a kind of SDK; it is a Swiss army knife for operating AWS services. This article provides a brief summary of common CLI commands for AWS services used in project practice, for future reference.

EC2
Mount EBS

Linux
View block device: lsblk
Format the disk: sudo mkfs -t ext4 /dev/xvdb
Mount the volume: sudo mount /dev/xvdb /mnt/mydir
Unmount the volume: sudo umount /dev/xvdb

Windows
diskpart
san policy=onlineall
list disk
select disk yourdiskid
attributes disk clear readonly
online disk
Example operation

aws ec2 describe-instances
aws ec2 describe-instances --instance-ids "instanceid1" "instanceid2"
aws ec2 start-instances --instance-ids "instanceid1" "instanceid2"
aws ec2 stop-instances --instance-ids "instanceid1" "instanceid2"
aws ec2 run-instances --image-id ami-b6b62b8f --security-group-ids sg-xxxxxxxx --key-name mytestkey --block-device-mappings "[{\"DeviceName\": \"/dev/sdh\",\"Ebs\":{\"VolumeSize\":100}}]" --instance-type t2.medium --count 1 --subnet-id subnet-e8330c9c --associate-public-ip-address
(Note: If you do not specify --subnet-id, a subnet in the default VPC is selected. If you then specify a security group from a non-default VPC, a request error occurs. If there are no special requirements, it is recommended that neither the security group nor the subnet be specified. This problem will occur.)
View region and AZ

aws ec2 describe-regions
aws ec2 describe-availability-zones --region region-name
View instance metadata and user data

curl http://169.254.169.254/latest/meta-data
curl http://169.254.169.254/latest/user-data
View AMI

aws ec2 describe-images
Key pair

aws ec2 create-key-pair --key-name mykeyname
Security Group

aws ec2 create-security-group --group-name mygroupname --description mydescription --vpc-id vpc-id
(If the VPC is not specified, the security group is created in the default VPC.)
aws ec2 authorize-security-group-ingress --group-id sg-xxxxyyyy --protocol tcp --port 22 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-xxxxyyyy --protocol tcp --port 9999 --source-group sg-xxxxxxxx
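
The two ingress rules above differ in exposure: the first admits SSH from every address, the second only from members of another security group. The check below is an added example, not part of the original article; it parses the JSON printed by aws ec2 describe-security-groups and reports sensitive ports reachable from 0.0.0.0/0 or ::/0. The port list, the function name and the sample data (including sg-zzzzzzzz) are assumptions constructed for illustration.

```python
import json

# Assumption: the ports this audit treats as sensitive; extend as needed.
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP"}
WORLD = {"0.0.0.0/0", "::/0"}


def world_open_rules(describe_output, ports=SENSITIVE_PORTS):
    """Return (group_id, protocol, port, cidr) for each sensitive port open to the world."""
    findings = []
    for sg in describe_output.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            proto = perm.get("IpProtocol")
            if proto == "-1":                      # all protocols, all ports
                low, high = 0, 65535
            elif proto in ("tcp", "udp"):
                low, high = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            else:
                continue                           # icmp etc. carry no port range
            for cidr in cidrs:
                if cidr not in WORLD:
                    continue                       # restricted CIDR: not flagged
                for port in sorted(ports):
                    if low <= port <= high:
                        findings.append((sg["GroupId"], proto, port, cidr))
    return findings


# Constructed sample shaped like `aws ec2 describe-security-groups` output:
# the two ingress rules authorized above, plus an all-traffic IPv6 rule.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-xxxxyyyy", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 9999, "ToPort": 9999,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-xxxxxxxx"}]}]},
  {"GroupId": "sg-zzzzzzzz", "IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

if __name__ == "__main__":
    for finding in world_open_rules(SAMPLE):
        print(finding)
```

The port 9999 rule is not reported because its source is a security group rather than a CIDR range.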

AutoScaling
List AS groups
aws autoscaling describe-auto-scaling-groups
List AS instances
aws autoscaling describe-auto-scaling-instances --instance-ids [instance-id-1 instance-id-2 …]
Detach the instance from the group
aws autoscaling detach-instances --auto-scaling-group-name myasgroup --instance-ids instanceid1 instanceid2 [--should-decrement-desired-capacity | --no-should-decrement-desired-capacity]
Attach an instance to a group
aws autoscaling attach-instances --auto-scaling-group-name myasgroup --instance-ids instanceid1 instanceid2
Suspend the AS process
aws autoscaling suspend-processes --auto-scaling-group-name myasgroup --scaling-processes AZRebalance|AlarmNotification|…
Delete AS group
aws autoscaling delete-auto-scaling-group --auto-scaling-group-name myasgroup
S3
View

aws s3 ls
aws s3 ls s3://bucket
aws s3 ls s3://bucket/prefix
Copy

aws s3 cp /to/local/path s3://bucket/prefix
aws s3 cp s3://bucket/prefix /to/local/path
aws s3 cp s3://bucket1/prefix1 s3://bucket2/prefix2
Synchronize

aws s3 sync [--delete] /to/local/dir s3://bucket/prefixdir
aws s3 sync [--delete] s3://bucket/prefixdir /to/local/dir
aws s3 sync [--delete] s3://bucket1/prefixdir1 s3://bucket2/prefixdir2
Manual multipart upload

File fragmentation
split -b 40m myfile myfile-part-
Create a multipart upload task
aws s3api create-multipart-upload --bucket bucketname --key prefix
Record the return value

{
"Bucket": "bucketname",
"UploadId": "uploadid",
"Key": "prefix"
}

Upload fragments

aws s3api upload-part --bucket bucketname --key prefix --part-number [part upload number (e.g. 1,2,3…)] --body myfile-[x] --upload-id uploadid
List the uploaded parts and create the parts structure file
aws s3api list-parts --bucket bucketname --key prefix --upload-id uploadid
Save the Parts from the result of the above command as a temp file

{"Parts": [
{
"PartNumber": 1,
"ETag": "\"xxxxxxx\""
},
{
"PartNumber": 2,
"ETag": "\"xxxxxxxx\""
}
]
}
Complete the multipart upload task
aws s3api complete-multipart-upload --multipart-upload file://temp --bucket bucketname --key prefix --upload-id uploadid
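
The parts file in the procedure above is written by hand from the list-parts result, which is where a missing or corrupted fragment slips through. The helper below is an added example, not code from the original article; it builds that file from the list-parts JSON and, before returning it, checks that every local fragment was uploaded, that non-final parts meet the S3 5 MiB minimum, and that each ETag matches the local MD5. The function names and the sample data are constructed, and the ETag comparison assumes the upload does not use SSE-KMS or SSE-C.

```python
import hashlib
import json

MIN_PART_SIZE = 5 * 1024 * 1024  # S3 rejects non-final parts under 5 MiB


def md5_hex(data):
    return hashlib.md5(data).hexdigest()


def build_parts_manifest(list_parts_output, local_md5):
    """Build the file passed to --multipart-upload from list-parts output.

    local_md5 maps part number -> MD5 hex digest of the local fragment.
    """
    parts = sorted(list_parts_output.get("Parts", []),
                   key=lambda p: p["PartNumber"])
    uploaded = [p["PartNumber"] for p in parts]
    if uploaded != sorted(local_md5):
        raise ValueError(f"uploaded parts {uploaded} != local fragments {sorted(local_md5)}")
    for p in parts[:-1]:
        if p["Size"] < MIN_PART_SIZE:
            raise ValueError(f"part {p['PartNumber']} is under the 5 MiB minimum")
    manifest = []
    for p in parts:
        # Assumption: no SSE-KMS or SSE-C, so a part's ETag is the MD5 of its bytes.
        if p["ETag"].strip('"') != local_md5[p["PartNumber"]]:
            raise ValueError(f"part {p['PartNumber']} ETag differs from local MD5")
        manifest.append({"PartNumber": p["PartNumber"], "ETag": p["ETag"]})
    return {"Parts": manifest}


# Constructed sample: two tiny stand-in fragments and a list-parts result for
# them. The Size values are constructed too and mimic a 40 MiB part + remainder.
FRAGMENTS = {1: b"A" * 16, 2: b"B" * 16}
LOCAL_MD5 = {n: md5_hex(data) for n, data in FRAGMENTS.items()}
SAMPLE_LIST_PARTS = {
    "Parts": [
        {"PartNumber": 1, "ETag": f'"{LOCAL_MD5[1]}"', "Size": 41943040},
        {"PartNumber": 2, "ETag": f'"{LOCAL_MD5[2]}"', "Size": 1048576},
    ],
    "StorageClass": "STANDARD",
}

if __name__ == "__main__":
    print(json.dumps(build_parts_manifest(SAMPLE_LIST_PARTS, LOCAL_MD5), indent=2))
```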
Get canonical user ID

aws s3api list-buckets --query 'Owner.ID'
AWS CLI access to Alibaba Cloud OSS

aws configure --profile aliyun # Set key and secret, keep the other defaults
aws configure set s3.addressing_style virtual --profile aliyun
aws s3 ls --endpoint-url [url (e.g. http://oss-in-pankajconnect.com)] --profile aliyun
IAM
Role operation

aws iam create-role --role-name MY-ROLE-NAME --assume-role-policy-document file://path/to/trustpolicy.json
aws iam put-role-policy --role-name MY-ROLE-NAME --policy-name MY-PERM-POLICY --policy-document file://path/to/permissionpolicy.json
aws iam create-instance-profile --instance-profile-name MY-INSTANCE-PROFILE
aws iam add-role-to-instance-profile --instance-profile-name MY-INSTANCE-PROFILE --role-name MY-ROLE-NAME
AUTO-SCALING
View information
aws autoscaling describe-auto-scaling-groups
aws autoscaling describe-auto-scaling-instances
STS
Temporary credentials for an EC2 instance that has assumed a role
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/ROLE-NAME
Kinesis
Create a stream
aws kinesis create-stream --stream-name mystream --shard-count [number of shards]
List streams
aws kinesis list-streams
Get the shard iterator of the specified stream
aws kinesis get-shard-iterator --stream-name mystream --shard-id shard-1 --shard-iterator-type TRIM_HORIZON
Send data to stream
aws kinesis put-record --stream-name mystream --partition-key mykey --data test
Get streaming data
aws kinesis get-records --shard-iterator myiterator
