AWS Basics
AWS CLI Setup
# Install AWS CLI
# On macOS with Homebrew:
brew install awscli
# On Ubuntu:
sudo apt install awscli
# Configure AWS CLI
aws configure
AWS Access Key ID [None]: YOUR_ACCESS_KEY
AWS Secret Access Key [None]: YOUR_SECRET_KEY
Default region name [None]: us-east-1
Default output format [None]: json
# On macOS with Homebrew:
brew install awscli
# On Ubuntu:
sudo apt install awscli
# Configure AWS CLI
aws configure
AWS Access Key ID [None]: YOUR_ACCESS_KEY
AWS Secret Access Key [None]: YOUR_SECRET_KEY
Default region name [None]: us-east-1
Default output format [None]: json
Note: Always follow the principle of least privilege when creating IAM users and roles.
Basic AWS Commands
# Check AWS CLI version
aws --version
# List S3 buckets
aws s3 ls
# List EC2 instances
aws ec2 describe-instances
# List IAM users
aws iam list-users
# Get caller identity
aws sts get-caller-identity
# Set default region
aws configure set region us-west-2
aws --version
# List S3 buckets
aws s3 ls
# List EC2 instances
aws ec2 describe-instances
# List IAM users
aws iam list-users
# Get caller identity
aws sts get-caller-identity
# Set default region
aws configure set region us-west-2
EC2 (Elastic Compute Cloud)
EC2 Basics
# List all EC2 instances
aws ec2 describe-instances
# Start an EC2 instance
aws ec2 start-instances --instance-ids i-1234567890abcdef0
# Stop an EC2 instance
aws ec2 stop-instances --instance-ids i-1234567890abcdef0
# Terminate an EC2 instance
aws ec2 terminate-instances --instance-ids i-1234567890abcdef0
# Create a new key pair
aws ec2 create-key-pair --key-name MyKeyPair
aws ec2 describe-instances
# Start an EC2 instance
aws ec2 start-instances --instance-ids i-1234567890abcdef0
# Stop an EC2 instance
aws ec2 stop-instances --instance-ids i-1234567890abcdef0
# Terminate an EC2 instance
aws ec2 terminate-instances --instance-ids i-1234567890abcdef0
# Create a new key pair
aws ec2 create-key-pair --key-name MyKeyPair
Note: Always be cautious when terminating instances as this action cannot be undone.
EC2 Advanced
# Create a new EC2 instance
aws ec2 run-instances \
--image-id ami-0abcdef1234567890 \
--count 1 \
--instance-type t2.micro \
--key-name MyKeyPair \
--security-group-ids sg-003dd9f26eexample \
--subnet-id subnet-0bb1c79de3example
# Create an AMI from an instance
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--description "An AMI for my server"
# Create a security group
aws ec2 create-security-group \
--group-name MySecurityGroup \
--description "My security group"
aws ec2 run-instances \
--image-id ami-0abcdef1234567890 \
--count 1 \
--instance-type t2.micro \
--key-name MyKeyPair \
--security-group-ids sg-003dd9f26eexample \
--subnet-id subnet-0bb1c79de3example
# Create an AMI from an instance
aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "My server" \
--description "An AMI for my server"
# Create a security group
aws ec2 create-security-group \
--group-name MySecurityGroup \
--description "My security group"
S3 (Simple Storage Service)
S3 Basics
# Create a new S3 bucket
aws s3 mb s3://my-bucket-name
# List all S3 buckets
aws s3 ls
# List contents of a bucket
aws s3 ls s3://my-bucket-name
# Copy file to S3
aws s3 cp my-file.txt s3://my-bucket-name/
# Sync local directory to S3
aws s3 sync my-folder s3://my-bucket-name/my-folder
# Remove file from S3
aws s3 rm s3://my-bucket-name/my-file.txt
aws s3 mb s3://my-bucket-name
# List all S3 buckets
aws s3 ls
# List contents of a bucket
aws s3 ls s3://my-bucket-name
# Copy file to S3
aws s3 cp my-file.txt s3://my-bucket-name/
# Sync local directory to S3
aws s3 sync my-folder s3://my-bucket-name/my-folder
# Remove file from S3
aws s3 rm s3://my-bucket-name/my-file.txt
S3 Advanced
# Set bucket policy
aws s3api put-bucket-policy \
--bucket my-bucket-name \
--policy file://policy.json
# Enable versioning
aws s3api put-bucket-versioning \
--bucket my-bucket-name \
--versioning-configuration Status=Enabled
# Configure website hosting
aws s3 website s3://my-bucket-name/ \
--index-document index.html \
--error-document error.html
# Generate presigned URL
aws s3 presign s3://my-bucket-name/my-file.txt \
--expires-in 604800
aws s3api put-bucket-policy \
--bucket my-bucket-name \
--policy file://policy.json
# Enable versioning
aws s3api put-bucket-versioning \
--bucket my-bucket-name \
--versioning-configuration Status=Enabled
# Configure website hosting
aws s3 website s3://my-bucket-name/ \
--index-document index.html \
--error-document error.html
# Generate presigned URL
aws s3 presign s3://my-bucket-name/my-file.txt \
--expires-in 604800
Lambda
Lambda Basics
# List Lambda functions
aws lambda list-functions
# Invoke a Lambda function
aws lambda invoke \
--function-name my-function \
--payload '{"key": "value"}' \
output.txt
# Get function configuration
aws lambda get-function \
--function-name my-function
# Create a new Lambda function
aws lambda create-function \
--function-name my-function \
--runtime python3.8 \
--role arn:aws:iam::123456789012:role/lambda-role \
--handler lambda_function.lambda_handler \
--zip-file fileb://function.zip
aws lambda list-functions
# Invoke a Lambda function
aws lambda invoke \
--function-name my-function \
--payload '{"key": "value"}' \
output.txt
# Get function configuration
aws lambda get-function \
--function-name my-function
# Create a new Lambda function
aws lambda create-function \
--function-name my-function \
--runtime python3.8 \
--role arn:aws:iam::123456789012:role/lambda-role \
--handler lambda_function.lambda_handler \
--zip-file fileb://function.zip
Lambda Advanced
# Update function code
aws lambda update-function-code \
--function-name my-function \
--zip-file fileb://function.zip
# Add environment variables
aws lambda update-function-configuration \
--function-name my-function \
--environment "Variables={BUCKET=my-bucket,KEY=file.txt}"
# Create an event source mapping
aws lambda create-event-source-mapping \
--function-name my-function \
--event-source-arn arn:aws:sqs:us-east-1:123456789012:my-queue \
--batch-size 5
aws lambda update-function-code \
--function-name my-function \
--zip-file fileb://function.zip
# Add environment variables
aws lambda update-function-configuration \
--function-name my-function \
--environment "Variables={BUCKET=my-bucket,KEY=file.txt}"
# Create an event source mapping
aws lambda create-event-source-mapping \
--function-name my-function \
--event-source-arn arn:aws:sqs:us-east-1:123456789012:my-queue \
--batch-size 5
IAM (Identity and Access Management)
IAM Basics
# List IAM users
aws iam list-users
# Create a new IAM user
aws iam create-user --user-name Bob
# Create access key for user
aws iam create-access-key --user-name Bob
# List groups
aws iam list-groups
# Add user to group
aws iam add-user-to-group \
--user-name Bob \
--group-name Admins
aws iam list-users
# Create a new IAM user
aws iam create-user --user-name Bob
# Create access key for user
aws iam create-access-key --user-name Bob
# List groups
aws iam list-groups
# Add user to group
aws iam add-user-to-group \
--user-name Bob \
--group-name Admins
IAM Advanced
# Create a role
aws iam create-role \
--role-name LambdaExecutionRole \
--assume-role-policy-document file://trust-policy.json
# Attach policy to role
aws iam attach-role-policy \
--role-name LambdaExecutionRole \
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
# Create an inline policy
aws iam put-role-policy \
--role-name LambdaExecutionRole \
--policy-name MyInlinePolicy \
--policy-document file://inline-policy.json
# Simulate a policy
aws iam simulate-principal-policy \
--policy-source-arn arn:aws:iam::123456789012:user/Bob \
--action-names "s3:GetObject" "s3:ListBucket"
aws iam create-role \
--role-name LambdaExecutionRole \
--assume-role-policy-document file://trust-policy.json
# Attach policy to role
aws iam attach-role-policy \
--role-name LambdaExecutionRole \
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
# Create an inline policy
aws iam put-role-policy \
--role-name LambdaExecutionRole \
--policy-name MyInlinePolicy \
--policy-document file://inline-policy.json
# Simulate a policy
aws iam simulate-principal-policy \
--policy-source-arn arn:aws:iam::123456789012:user/Bob \
--action-names "s3:GetObject" "s3:ListBucket"
RDS (Relational Database Service)
RDS Basics
# List DB instances
aws rds describe-db-instances
# Create a DB instance
aws rds create-db-instance \
--db-instance-identifier mydbinstance \
--db-instance-class db.t2.micro \
--engine mysql \
--master-username admin \
--master-user-password password \
--allocated-storage 20
# Create a read replica
aws rds create-db-instance-read-replica \
--db-instance-identifier mydbreadreplica \
--source-db-instance-identifier mydbinstance
aws rds describe-db-instances
# Create a DB instance
aws rds create-db-instance \
--db-instance-identifier mydbinstance \
--db-instance-class db.t2.micro \
--engine mysql \
--master-username admin \
--master-user-password password \
--allocated-storage 20
# Create a read replica
aws rds create-db-instance-read-replica \
--db-instance-identifier mydbreadreplica \
--source-db-instance-identifier mydbinstance
RDS Advanced
# Restore from snapshot
aws rds restore-db-instance-from-db-snapshot \
--db-instance-identifier mynewdbinstance \
--db-snapshot-identifier mydbsnapshot
# Modify DB instance
aws rds modify-db-instance \
--db-instance-identifier mydbinstance \
--master-user-password newpassword \
--apply-immediately
# Create a DB parameter group
aws rds create-db-parameter-group \
--db-parameter-group-name mypg \
--db-parameter-group-family mysql8.0 \
--description "My parameter group"
aws rds restore-db-instance-from-db-snapshot \
--db-instance-identifier mynewdbinstance \
--db-snapshot-identifier mydbsnapshot
# Modify DB instance
aws rds modify-db-instance \
--db-instance-identifier mydbinstance \
--master-user-password newpassword \
--apply-immediately
# Create a DB parameter group
aws rds create-db-parameter-group \
--db-parameter-group-name mypg \
--db-parameter-group-family mysql8.0 \
--description "My parameter group"