
mastering-aws-cli

DevOps and Infra

AWS CLI v2 quick-reference for experienced developers. Covers compute (Lambda, ECS, EKS), storage (S3, DynamoDB, Aurora), networking (VPC, SSM tunneling), security (IAM, Secrets Manager), and GitHub Actions CI/CD. Use when asked to "write aws commands", "debug aws access", "set up cross-account roles", "configure aws cli", "assume role", "S3 bucket operations", or "deploy to ECS".

4 stars
Author: SpillwaveSolutions

AWS CLI v2 Quick Reference

A unified tool to manage AWS services from the terminal. This guide focuses on CLI v2 features, practical examples, and advanced patterns for experienced developers.

Quick Start

# Verify installation and version
aws --version

# Interactive configuration
aws configure                    # Access keys + region + output format
aws configure sso               # IAM Identity Center (SSO) - recommended

# Verify identity
aws sts get-caller-identity     # Shows Account, UserId, ARN

# Enable auto-prompt for command discovery
aws dynamodb --cli-auto-prompt

Power User Tips

# See all waiter commands for a service
aws ec2 wait help

# Generate command skeleton (fill in the blanks)
aws lambda create-function --generate-cli-skeleton > create-fn.json

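# Create CLI alias for common commands (aliases are read from ~/.aws/cli/alias)
mkdir -p ~/.aws/cli
[ -f ~/.aws/cli/alias ] || echo '[toplevel]' > ~/.aws/cli/alias
echo 'whoami = sts get-caller-identity' >> ~/.aws/cli/alias   # append under [toplevel]
aws whoami  # Now works!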

# Disable pager for scripting
export AWS_PAGER=""

See Advanced Patterns for JMESPath mastery and automation tricks.

Global Options

| Flag | Description |
|---|---|
| --profile NAME | Use named profile from ~/.aws/credentials |
| --region REGION | Override default region (e.g., us-east-1) |
| --output FORMAT | Output: json (default), text, table, yaml, yaml-stream |
| --query EXPR | Filter output using JMESPath expressions |
| --no-paginate | Disable auto-pagination (first page only) |
| --dry-run | Check permissions without executing (EC2, etc.) |
| --debug | Verbose HTTP/API debug logging |
| --cli-auto-prompt | Interactive parameter completion |
| --no-cli-pager | Disable output paging |

Decision Trees

Compute & Containers

Need compute?
├── Serverless functions ────────────► Lambda (references/lambda.md)
├── Docker containers
│   ├── Managed orchestration ───────► ECS (references/ecs.md)
│   ├── Kubernetes ──────────────────► EKS (references/eks.md)
│   └── Container registry ──────────► ECR (references/ecr.md)
└── Virtual machines ────────────────► EC2 (use aws ec2 commands)

Data & Storage

Need data storage?
├── Object/blob storage ─────────────► S3 (references/s3.md)
├── NoSQL (key-value/document) ──────► DynamoDB (references/dynamodb.md)
├── Relational SQL ──────────────────► Aurora/RDS (references/aurora.md)
├── Data catalog & ETL ──────────────► Glue (references/glue.md)
└── Data warehouse ──────────────────► Redshift (aws redshift commands)

Streaming & Messaging

Need streaming/messaging?
├── Kafka-compatible ────────────────► MSK (references/msk.md)
├── Real-time streams ───────────────► Kinesis (references/kinesis.md)
├── Message queues ──────────────────► SQS (aws sqs commands)
└── Pub/Sub notifications ───────────► SNS (aws sns commands)

Security & Access

Need security/access management?
├── Users, roles, policies ──────────► IAM (references/iam-security.md)
├── Secrets & credentials ───────────► Secrets Manager/SSM (references/private-parameters.md)
├── Private network access ──────────► VPC (references/vpc-networking.md)
└── Secure tunneling ────────────────► SSM/Bastion (references/bastion-tunneling.md)

Reference File Navigation

| Reference | Description | Key Triggers |
|---|---|---|
| Setup | Installation, configuration, profiles, SSO | install, configure, sso, profile |
| IAM & Security | Roles, policies, STS, MFA, cross-account | iam, role, policy, sts, assume-role |
| Lambda | Functions, layers, aliases, URLs, events | lambda, serverless, function |
| ECS | Clusters, tasks, services, Fargate | ecs, fargate, task, container |
| EKS | Clusters, node groups, kubeconfig, IRSA | eks, kubernetes, kubectl, k8s |
| ECR | Repositories, auth, scanning, lifecycle | ecr, docker, registry, image |
| S3 | Buckets, objects, sync, presign, lifecycle | s3, bucket, upload, sync |
| DynamoDB | Tables, items, queries, streams, backups | dynamodb, ddb, nosql |
| Aurora/RDS | Clusters, serverless v2, cloning, blue-green | rds, aurora, mysql, postgresql |
| Glue | Catalog, crawlers, ETL jobs, workflows | glue, etl, catalog, crawler |
| MSK | Kafka clusters, serverless, configuration | msk, kafka, streaming |
| Kinesis | Data streams, Firehose, consumers | kinesis, stream, firehose |
| Secrets & Params | Parameter Store, Secrets Manager, rotation | ssm, secrets, parameter, rotation |
| VPC & Networking | VPCs, subnets, security groups, endpoints | vpc, subnet, security-group, endpoint |
| Bastion & Tunneling | SSM Session Manager, port forwarding | bastion, tunnel, ssm, ssh |
| GitHub CI/CD | OIDC, GitHub Actions, CodeBuild | github, actions, oidc, cicd |
| Advanced Patterns | JMESPath, waiters, skeletons, aliases | jmespath, query, waiter, alias |

Environment Variables

| Variable | Purpose | Example |
|---|---|---|
| AWS_ACCESS_KEY_ID | Access key for authentication | AKIAIOSFODNN7EXAMPLE |
| AWS_SECRET_ACCESS_KEY | Secret key for authentication | wJalrXUtnFEMI/... |
| AWS_SESSION_TOKEN | Session token (temporary credentials) | For STS assume-role |
| AWS_PROFILE | Named profile to use | production |
| AWS_REGION | AWS region for requests | us-west-2 |
| AWS_DEFAULT_OUTPUT | Default output format | json, text, table |
| AWS_PAGER | Pager program (empty to disable) | "" |
| AWS_CONFIG_FILE | Custom config file path | ~/.aws/config |
| AWS_SHARED_CREDENTIALS_FILE | Custom credentials file path | ~/.aws/credentials |
| AWS_CA_BUNDLE | Custom CA certificate bundle | /path/to/cert.pem |
| AWS_RETRY_MODE | Retry mode | standard, adaptive |

Credential Precedence

The CLI resolves credentials in this order (first match wins):

  1. Command-line options (--profile, explicit credentials)
  2. Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
  3. Web identity token (EKS IRSA, OIDC)
  4. SSO credentials (IAM Identity Center)
  5. Credentials file (~/.aws/credentials)
  6. Config file (~/.aws/config with credential_process)
  7. Container credentials (ECS task role)
  8. Instance metadata (EC2 instance profile, IMDSv2)
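
The precedence list above, turned into a check that predicts which source will supply credentials before you rely on a profile switch. This is an added example, not part of the original guide: the function names and the sample profile are illustrative, and it walks the order listed here rather than calling the CLI's own resolver.

```shell
# Added example: predict which credential source wins, following the
# precedence order listed above. Names and sample values are illustrative.
# has_key FILE SECTION KEY_REGEX -> status 0 if [SECTION] in FILE sets the key
has_key() {
  [ -f "$1" ] || return 1
  awk -v want="[$2]" -v key="$3" '
    /^\[/ { in_sec = ($0 == want) }
    in_sec && $0 ~ ("^" key "[ \t]*=") { found = 1 }
    END { exit !found }' "$1"
}

# credential_source [PROFILE]: PROFILE is the value given to --profile, if any
credential_source() (
  cli="$1"; profile="${cli:-${AWS_PROFILE:-default}}"
  cfg="${AWS_CONFIG_FILE:-$HOME/.aws/config}"
  creds="${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}"
  if [ "$profile" = default ]; then sec=default; else sec="profile $profile"; fi
  # 1. An explicit --profile bypasses exported keys; AWS_PROFILE does not.
  if [ -z "$cli" ] && [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ]; then
    echo environment            # 2
  elif { [ -z "$cli" ] && [ -n "$AWS_WEB_IDENTITY_TOKEN_FILE" ]; } ||
       has_key "$cfg" "$sec" web_identity_token_file; then
    echo web-identity           # 3
  elif has_key "$cfg" "$sec" 'sso_(session|start_url)'; then
    echo sso                    # 4
  elif has_key "$creds" "$profile" aws_access_key_id; then
    echo credentials-file       # 5
  elif has_key "$cfg" "$sec" credential_process; then
    echo credential-process     # 6
  elif [ -n "$AWS_CONTAINER_CREDENTIALS_RELATIVE_URI$AWS_CONTAINER_CREDENTIALS_FULL_URI" ]; then
    echo container              # 7
  else
    echo instance-metadata      # 8, last resort
  fi
)

# env_shadows_profile -> status 0 when exported keys override AWS_PROFILE
env_shadows_profile() {
  [ -n "$AWS_PROFILE" ] && [ "$(credential_source)" = environment ]
}
# Constructed demo: SSO profile plus leftover exported keys (placeholder values)
demo() (
  d=$(mktemp -d); export AWS_CONFIG_FILE="$d/config" AWS_SHARED_CREDENTIALS_FILE="$d/none"
  printf '[profile production]\nsso_session = corp\n' > "$AWS_CONFIG_FILE"
  export AWS_PROFILE=production AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE AWS_SECRET_ACCESS_KEY=placeholder
  echo "AWS_PROFILE: $(credential_source) | --profile: $(credential_source production)"
  rm -rf "$d"
)
demo
```

Compare the prediction with aws configure list, which reports the source the CLI itself selected for the active profile.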

Common Patterns

Profile Switching

# Use specific profile for one command
aws s3 ls --profile production

# Set default profile for session
export AWS_PROFILE=production

# List configured profiles
aws configure list-profiles

Output Filtering with JMESPath

# Get specific fields
aws ec2 describe-instances \
    --query 'Reservations[*].Instances[*].[InstanceId,State.Name]' \
    --output table

# Filter running instances
aws ec2 describe-instances \
    --query 'Reservations[*].Instances[?State.Name==`running`].InstanceId' \
    --output text

Wait for Resource State

# Wait for instance to be running
aws ec2 wait instance-running --instance-ids i-1234567890abcdef0

# Wait for Lambda function update
aws lambda wait function-updated --function-name my-function

Best Practices

| Category | Recommendation |
|---|---|
| Security | Use aws configure sso over long-lived access keys |
| Security | Use IAM roles for compute (EC2/Lambda/ECS) instead of embedded keys |
| Security | Enable MFA for sensitive operations |
| Scripting | Use --output json or --output text for parsing |
**Scrip

How to add

/plugin marketplace add SpillwaveSolutions/mastering-aws-cli

The exact command may vary depending on the repository. Check the README on GitHub.
