AWS-CLI

AWS CLI (Command Line Interface) "is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts" (AWS). Users are mostly familiar with the AWS Management Console to access and manage the various AWS services. However with the help of AWS command line interface, users can access and manage those same services through command-line shells. Common shell programs include bash or Z Shell on Linux or macOS and PowerShell on Windows.
In addition, we have the ability to run AWS CLI commands on a EC2 server after connecting to the EC2 server from our local machine through SSH or PuTTY. This respository illustrates the steps to remotely configure AWS CLI on an Amazon Linux 2 EC2 instance. Initially, we launch an EC2 instance, create our IAM user and attach the appropriate user's policy. Then, we connect to the instance through SSH, configure AWS CLI and execute commands from the instance such as listing the user's S3 buckets. The steps can be applied using other Amazon Machine Images (AMIs) such as Windows, macOS and Redhat.

Note:

• Please remember to always secure and never share your EC2's private key and the user's credentials.
• In this example, all public IP addresses were temporarly allowed into the EC2 instance on port 22 to use the SSH protocol for test and learning purposes only. Please make sure to secure access to your EC2 by setting up the appropriate firewall rules.
• AWS charges users based on the amount of compute, storage and data transfer out (not in). This example uses the EC2 instance (t2.micro) family that comes with an attached 8gb SSD EBS volume. Both are covered under the AWS 1-year free tier model. Every user's setup is different. Thus depending on your personal AWS setup, please remember to disable or terminate any running EC instances/EBS volumes as it can incur charges within your account.

1. Launch Amazon Linux 2 AMI

2. Setup SSH firewall rule (allow all IP addresses for test purposes only)

3. Create & download private key pair to securely SSH into EC2 instance

4. Create an S3 bucket and block all public access

5. Create new IAM user with programmatic access and management console access

6. Attach Amazon S3 Full Access policy to the newly created user

7. Review IAM user details

8. Download newly created user’s credentials for future CLI configurations

9. SSH into EC2 with choice of terminal application (using macOS Terminal -> bash in this example)

10. Check Python and AWS CLI version installed on the instance

• Note that our Linux 2 AMI instance comes pre-installed with AWS CLI and Python.
• It is recommennded to update our EC2 instance and CLI prior to use (I ommitted this step for quick CLI configuration and testing).

11. Open the downloaded .csv file which holds the newly created user credentials

12. Setup AWS Configure using user’s CLI credentials (Access Key ID & Secret Access Key)

• Leaving "Default output format" empty means receiving the default output format in json string

13. Use ‘aws help’ command to learn more about AWS CLI commands

14. Use ‘aws s3 help’ command to learn specifically about AWS S3 CLI commands

15. Type command to list S3 buckets

• Note: It will list the newly created bucket in step 4

16. If we remove the S3 Full Access policy that we added to the user in Step 6 and try to the S3 commands again, we notice the following error: