Skip to content

aws cli cheatsheet

EC2 (Elastic Compute Cloud)#

Instances#

  • List all instances:
aws ec2 describe-instances
  • Start an instance:
aws ec2 start-instances --instance-ids <instance-id>
  • Stop an instance:
aws ec2 stop-instances --instance-ids <instance-id>
  • Reboot an instance:
aws ec2 reboot-instances --instance-ids <instance-id>
  • Terminate an instance:
aws ec2 terminate-instances --instance-ids <instance-id>

Key Pairs#

  • List key pairs:
aws ec2 describe-key-pairs
  • Create a key pair:
aws ec2 create-key-pair --key-name <key-name>

Security Groups#

  • List security groups:
aws ec2 describe-security-groups
  • Create a security group:
aws ec2 create-security-group --group-name <group-name> --description "<description>"

S3 (Simple Storage Service)#

Buckets#

  • List all buckets:
aws s3 ls
  • Create a bucket:
aws s3 mb s3://<bucket-name>
  • Delete a bucket:
aws s3 rb s3://<bucket-name> --force

Objects#

  • List objects in a bucket:
aws s3 ls s3://<bucket-name>/
  • Upload a file:
aws s3 cp <local-file> s3://<bucket-name>/
  • Download a file:
aws s3 cp s3://<bucket-name>/<file-name> <local-path>
  • Sync local directory with S3 bucket:
aws s3 sync <local-dir> s3://<bucket-name>
  • Delete an object:
aws s3 rm s3://<bucket-name>/<file-name>

RDS (Relational Database Service)#

Instances#

  • List RDS instances:
aws rds describe-db-instances
  • Start an RDS instance:
aws rds start-db-instance --db-instance-identifier <db-instance-id>
  • Stop an RDS instance:
aws rds stop-db-instance --db-instance-identifier <db-instance-id>
  • Delete an RDS instance:
aws rds delete-db-instance --db-instance-identifier <db-instance-id> --skip-final-snapshot

Snapshots#

  • List DB snapshots:
aws rds describe-db-snapshots
  • Create a DB snapshot:
aws rds create-db-snapshot --db-instance-identifier <db-instance-id> --db-snapshot-identifier <snapshot-name>

ECR (Elastic Container Registry)#

Repositories#

  • List all repositories:
aws ecr describe-repositories
  • Create a repository:
aws ecr create-repository --repository-name <repository-name>
  • Delete a repository:
aws ecr delete-repository --repository-name <repository-name> --force

Images#

  • List images in a repository:
aws ecr list-images --repository-name <repository-name>
  • Authenticate Docker with ECR:
aws ecr get-login-password --region <region> | docker login --username AWS --password-stdin <account-id>.dkr.ecr.<region>.amazonaws.com
  • Push an image to ECR:
docker push <account-id>.dkr.ecr.<region>.amazonaws.com/<repository-name>:<tag>

IAM (Identity and Access Management)#

Users#

  • List users:
aws iam list-users
  • Create a user:
aws iam create-user --user-name <user-name>
  • Delete a user:
aws iam delete-user --user-name <user-name>

Roles#

  • List roles:
aws iam list-roles
  • Create a role:
aws iam create-role --role-name <role-name> --assume-role-policy-document file://<policy-file>.json
  • Delete a role:
aws iam delete-role --role-name <role-name>

Policies#

  • List policies:
aws iam list-policies
  • Attach a policy to a user:
aws iam attach-user-policy --user-name <user-name> --policy-arn <policy-arn>

Credentials#

Configure AWS CLI#

  • Configure CLI with credentials:
aws configure

Profile Management#

  • Use a specific profile:
aws <service> <command> --profile <profile-name>
  • List all profiles:
cat ~/.aws/credentials
  • Set environment variables for credentials:
export AWS_ACCESS_KEY_ID=<your-access-key>
export AWS_SECRET_ACCESS_KEY=<your-secret-key>
export AWS_DEFAULT_REGION=<your-region>

Rotate Access Keys#

  • List access keys:
aws iam list-access-keys --user-name <user-name>
  • Create a new access key:
aws iam create-access-key --user-name <user-name>
  • Delete an access key:
aws iam delete-access-key --access-key-id <access-key-id> --user-name <user-name>