目次
This article describes the initial settings required to use AWS_CLI.
Prerequisite (Environment)
- Using Amazon Linux2(EC2)
- Using LighthSail's EC2
Making it happen.
- Enabling the use of aws commands on EC2
- Check the version of the aws command
- Obtaining EC2 metadata (tags) using the aws command
If AWS_CLI was not initially set up
The following error message is output. The message says that the region has not been set up.
[code] [root@ip-172-26-1-254 ~]#[root@ip-172-26-1-254 ~]# aws ec2 describe-instances
You must specify a region. You can also configure your region by running "aws configure".
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]# [/code]
Notes on the use of AWC_CLI
AWS_CLI Network Configuration
To be done on an EC2 on a public subnet.
The reason is that the AWS command specifications require interaction with an external server provided by AWS.
In addition, the
EC2 on a private subnet
on a private subnet, you can also use a
If you use a VPC endpoint
VPC endpoints can be used to connect to the outside world without any problems.
Initial Settings for AWS_CLI
Install AWS_CLI on EC2 (Amazon_Linux2)
- For EC2, you do not need to do this because it is installed by default.
Check if AWS_CLI is installed
[code] [root@ip-172-26-1-254 ~]#[root@ip-172-26-1-254 ~]# aws --version
aws-cli/1.18.147 Python/2.7.18 Linux/4.14.246-187.474.amzn2.x86_64 botocore/1.18.6
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]# [/code]
Check the AWS_CLI help
Find out what commands are available.
[code]# aws command help
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]# aws help
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]#
Escape with *q
# aws ec2 command help
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]# aws ec2 help
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]#
Escape with *q
Create AWS_CLI configuration file
Once you have confirmed that AWS_CLI is installed, the next thing to do is to create a configuration file for AWS_CLI.
[code] [root@ip-172-26-1-254 ~]#[root@ip-172-26-1-254 ~]# aws configure
AWS Access Key ID [None]: aaa
AWS Secret Access Key [None]: bbb
Default region name [None]: ap-northeast-1
Default output format [None]: json
[root@ip-172-26-1-254 ~]#
[root@ip-172-26-1-254 ~]# [/code]
The following four items are specified.
- Access key (enter temporarily, edit later)
- Secret access key (enter temporarily, edit later)
- Region (check from LightSail's GUI screen, specs don't require a or c)
- Output method (json or text: Specify output display of aws_cli command)
Check if the AWS_CLI configuration file is ready
[code] [root@ip-172-26-1-254 .aws]#[root@ip-172-26-1-254 .aws]# pwd
/root/.aws
[root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]# ll
total 8
-rw------- 1 root root 48 Dec 4 00:06 config
-rw------- 1 root root 62 Dec 4 00:06 credentials
[root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]# [root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]# cat config
[default] output = json
region = ap-northeast-1
[root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]# cat credentials
[default] aws_access_key_id = aaa
aws_secret_access_key = bbb
[root@ip-172-26-1-254 .aws]#
[root@ip-172-26-1-254 .aws]# [/code]
Creating an IAM User
Apply IAM policy (authorization)
Access Key Settings
If you want to assign a technician (experienced) to the job
*If you want to include a technician (experienced) in your team
The lowest commission in the industry and the best value for money [Bizseek
If you want to ask an experienced person (expert) about more techniques
https://aws.darcy-it.com/menta_use/
