AWS CLI
What is AWS CLI?
▪ The AWS Command Line Interface (CLI) is a unified tool to manage
your AWS services.
▪ With just one tool to download and configure, you can control
multiple AWS services from the command line and automate them
through scripts.
CLI
Developing against AWS and performing AWS tasks can be done
in several ways:
▪ Using the AWS CLI on our local computer
▪ Using the AWS CLI on our EC2 instance
▪ Using the AWS SDK on local or EC2 instance
CLI Installation
Install CLI on Windows using AWSCLI.MSI
Install CLI on Linux Machine
CLI Installation on Linux
▪ yum install -y python
▪ python --version
▪ yum install -y wget
▪ wget https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz
▪ tar xvf setuptools-7.0.tar.gz
▪ cd setuptools-7.0
▪ python setup.py install
▪ wget https://bootstrap.pypa.io/get-pip.py
▪ python get-pip.py
▪ pip install awscli
▪ aws --version
▫ AWS will store these credentials and configuration details in two
separate files named ~/.aws/credentials and ~/.aws/config,
respectively
AWS CLI on EC2 .. The Bad Way!!
▪ We could run ‘aws configure’ on EC2 just like we did (and it all works).
▪ But .. It’s SUPER INSECURE.
▪ NEVER NEVER EVER PUT YOUR PERSONAL CREDENTIALS ON EC2.
▪ Your PERSONAL credentials are PERSONAL and only belong on your
PERSONAL computer.
▪ If the EC2 instance is compromised, so is your personal account.
▪ If the EC2 instance is shared, other people may perform AWS actions while
impersonating you.
▪ For EC2, there is a better way… it’s called AWS IAM ROLES
AWS CLI on EC2 .. The RIGHT Way!!
▪ IAM Roles can be attached to EC2 instances
▪ IAM Roles can come with a policy authorizing exactly what the EC2
instance should be able to do.
▪ This is the best practice on AWS, you should do it 100%
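A check for the "bad way" described above, as an added example that is not part of the original slides: it scans for ~/.aws/credentials files holding long-term access keys, which an instance using an IAM Role does not need. The function names and the sample tree are constructed for illustration; AKIA and ASIA are the key ID prefixes AWS uses for long-term and temporary keys.

```shell
#!/bin/sh
# Added example: find long-term AWS access keys left on a host.
# Long-term IAM user keys begin with AKIA; temporary STS/role keys begin with ASIA.

# scan_static_keys ROOT...
# Prints "file<TAB>profile<TAB>first 8 chars of key ID" for each long-term key
# in any .aws/credentials file under the given roots. Secrets are never printed.
scan_static_keys() {
    find "$@" -type f -path '*/.aws/credentials' 2>/dev/null |
    while IFS= read -r f; do
        awk -v file="$f" '
            /^[ \t]*\[.*\]/ {                      # [profile] header
                profile = $0
                sub(/^[ \t]*\[/, "", profile); sub(/\].*$/, "", profile)
                next
            }
            /^[ \t]*aws_access_key_id[ \t]*=/ {
                key = $0
                sub(/^[^=]*=[ \t]*/, "", key); sub(/[ \t\r]+$/, "", key)
                if (key ~ /^AKIA/)
                    printf "%s\t%s\t%s...\n", file, profile, substr(key, 1, 8)
            }' "$f"
    done
}

# make_sample_tree: builds a CONSTRUCTED directory tree (fake keys) and prints its path.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/home/alice/.aws" "$d/home/app/.aws"
    # "Bad way": a personal long-term key copied onto the instance.
    printf '[default]\naws_access_key_id = AKIAEXAMPLEKEY000000\naws_secret_access_key = constructed-not-real\n' \
        > "$d/home/alice/.aws/credentials"
    # Temporary key with a session token: not reported.
    printf '[cached]\naws_access_key_id = ASIAEXAMPLEKEY000000\naws_session_token = constructed\n' \
        > "$d/home/app/.aws/credentials"
    printf '%s\n' "$d"
}

# Demo on the constructed tree; on a real instance: scan_static_keys /home /root
sample=$(make_sample_tree)
scan_static_keys "$sample/home"
rm -rf "$sample"
```

Any line it prints is a key that should be removed from the instance and rotated, with the access it provided moved to the instance's IAM Role.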
AWS EC2 Instance Metadata
▪ The URL: curl http://169.254.169.254/latest/meta-data
▪ You can retrieve the IAM Role name from the meta-data, but you
CANNOT retrieve the IAM policy.
▪ Meta-data = Info about EC2 instance
▪ User-data = launch script of the EC2 instance.
Lab on CLI
▪ Install CLI on local Linux machine.
▪ Configure CLI on EC2 with IAM Roles.