August 13, 2019

AWS CLI

AWS CLI

I'm an AWS Administrator. On my day to day duties I need to change some settings from an EC2 instance or sometimes I need to edit DNS records from Route 53. I know that with the time I will be doing more and more things on AWS, today I will talk about a powerful tool that you can use in order to accomplish those tasks: "AWS CLI".

Install AWS CLI:

In Ubuntu first of all you need to install Python Package Installer (pip)

$ sudo apt-get -y install python3-pip

$ sudo apt-get -y install  awscli

# After that you can check the AWS CLI vertion running 
$ aws --version
aws-cli/1.14.44 Python/3.6.8 Linux/4.4.0-17763-Microsoft botocore/1.8.48

how to configure your profile:

$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json

If you want to configure a different profile we need to do:

$ aws configure --profile profileName

ec2 instances, security groups, IPs

Instances descriptions

$ aws --profile profileName ec2  --region us-west-2 describe-instances --output table

Start/Stop/Terminate an instance

$ aws --profile profileName ec2  --region us-west-2 start-instances --instance-id i-01666b484cc49b

#To Terminate
$ aws --profile profileName ec2 --region us-west-2 modify-instance-attribute --instance-id i-01666b484cc49b --no-disable-api-termination

$ aws --profile profileName ec2  --region us-west-2 terminate-instances --instance-id i-01666b484cc49b

View security group and add a public IP on port 22

$ aws ec2 describe-security-groups --group-ids sg-9036664f8

$ curl https://checkip.amazonaws.com/
1.1.1.1

$ aws --profile profileName ec2 authorize-security-group-ingress --group-id  sg-9036664f8 --protocol tcp --port 22 --cidr 1.1.1.1/32

Route 53 commands

List hosted zones

$ aws --profile profileName route53 list-hosted-zones

{
 "HostedZones": 
	[
     {
	  "Id": "/hostedzone/XXX666Q8NTFF2Y",
      "Name": "contoso.com.",
      "CallerReference": "RISWorkflow-e66a15f57666e942123fff79a243fb19",
	  "Config": {  
      "Comment": "Microsoft Domain created by Route53 Registrar",
      "PrivateZone": false 
	 },
	 "ResourceRecordSetCount": 11 
	]
}

Create a bunch of records using a JSON file, first of all you will need to create a JSON file as the one below:

{
  "Comment": "optional comment about the changes in this change batch request",
  "Changes": [
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "contoso.com",
        "Type": "MX",
        "TTL": 3600,
        "ResourceRecords": [{"Value" : "1 ASPMX.L.GOOGLE.COM"},
		{"Value" : "5 ALT1.ASPMX.L.GOOGLE.COM"},
		{"Value" : "5 ALT2.ASPMX.L.GOOGLE.COM"},
		{"Value" : "10 ALT3.ASPMX.L.GOOGLE.COM"},
		{"Value" : "10 ALT4.ASPMX.L.GOOGLE.COM"}
	]
      }
    }
  ]
}

And then you will need to run the following command:

$ aws --profile profileName route53 change-resource-record-sets --hosted-zone-id Z1R8UBAEXAMPLE --change-batch file://exampleFileRoute53changes.json