AWS CLI

SSH/Putty into EC2 instance

aws s3 ls
aws configure [copy paste details from programmatic IAM user]
aws s3 mb s3://experimenting-aws [make bucket]
echo "Hello world" > hello.txt
aws s3 cp ./hello.txt s3://experimenting-aws
aws s3 ls s3://experimenting-aws

AWS CLI reference: https://docs.aws.amazon.com/cli/latest/index.html

Exam Tips:

  • Least Privilege - always give your users the minimum amount of access required
  • Create Groups - assign users to groups. Your users will automatically inherit the permissions of the group - the group's permissions are assigned using policy documents.
  • Secret Access Key - you will see this only once - if you do not save it you can delete the key pair (access key id and secret access key) and regenerate it. You will need to run aws configure again.
  • Do not use just one access key - do not create just one access key and share that with all your developers. If someone leaves the company on bad terms, then you will need to delete the key and create a new one and every developer would then need to update their keys. Instead create one key pair per developer.
  • You can use the CLI on your PC [Mac, Linux or Windows]

CLI Pagination

  • You can control the number of items included in the output when you run a CLI command
  • By default, the AWS CLI uses a page size of 1,000, i.e. if you run aws s3api list-objects --bucket my_bucket on a bucket which contains 2,500 objects, the CLI actually makes 3 API calls to S3… but displays the entire output in one go

AWS CLI Pagination - Errors

  • If you see errors when running list commands on a large number of resources, the default page size of 1,000 might be too high.
  • You are most likely to see a “timed out” error, because the API call has exceeded the maximum allowed time to fetch the required results.

  • To fix this use the --page-size option to have the CLI request a smaller number of items from each API call

  • The CLI will retrieve the full list, but performs a larger number of API calls in the background and retrieves a smaller number of items with each call

  • aws s3api list-objects --bucket my-bucket --page-size 100

  • Use the --max-items option to return fewer items in the CLI output
  • aws s3api list-objects --bucket my-bucket --max-items 100

Pagination Exam Tips

  • If you do see errors like ‘timed out’ or errors related to too many results returned
    • Adjust the pagination in the CLI results to avoid errors generated by too many results
    • aws s3api list-objects --bucket my-bucket --page-size 100
  • The CLI still retrieves the full list, but performs a larger number of API calls in the background and retrieves a smaller number of items with each call
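
The difference between --page-size and --max-items described above, modelled in Python as an added example (not part of the original notes and not AWS CLI code). FakeBucket and cli_list are hypothetical names, and the bucket is an in-memory stand-in, so nothing here calls AWS.

```python
# Constructed model of client-side pagination as described in the notes.
DEFAULT_PAGE_SIZE = 1000  # default page size stated in the notes


class FakeBucket:
    """In-memory stand-in for a list API: returns at most max_keys per call."""

    def __init__(self, object_count):
        self.keys = [f"obj-{i:05d}" for i in range(object_count)]
        self.api_calls = 0

    def list_objects(self, marker=0, max_keys=DEFAULT_PAGE_SIZE):
        self.api_calls += 1
        page = self.keys[marker:marker + max_keys]
        next_marker = marker + len(page)
        # A marker is handed back only while more keys remain.
        more = next_marker < len(self.keys)
        return page, (next_marker if more else None)


def cli_list(bucket, page_size=DEFAULT_PAGE_SIZE, max_items=None):
    """Return (items shown, API calls made) for one list command.

    page_size: items requested per API call (the role of --page-size)
    max_items: cap on items in the output (the role of --max-items)
    """
    bucket.api_calls = 0
    shown, marker = [], 0
    while marker is not None:
        page, marker = bucket.list_objects(marker, page_size)
        shown.extend(page)
        if max_items is not None and len(shown) >= max_items:
            shown = shown[:max_items]  # output is trimmed, not the request
            break
    return shown, bucket.api_calls


if __name__ == "__main__":
    bucket = FakeBucket(2500)  # the 2,500-object bucket from the notes
    runs = [("default", {}),
            ("--page-size 100", {"page_size": 100}),
            ("--max-items 100", {"max_items": 100})]
    for label, kwargs in runs:
        items, calls = cli_list(bucket, **kwargs)
        print(f"{label:16} items={len(items):4} api_calls={calls}")
```

In this model a smaller page size changes only the number of calls, while max_items changes only how much output is shown: each request still asks for a full page.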