AWS CLI – Cheat Sheet
AWS CLI Documentation
CLI User Guide
CLI Reference
IAM
| AWS CLI Command | Description |
|---|---|
aws iam list-users | List IAM users |
aws iam create-user --user-name my-user | Create an IAM user |
aws iam delete-user --user-name my-user | Delete an IAM user |
aws iam create-access-key --user-name my-user | Create an access key for an IAM user |
aws iam delete-access-key --user-name my-user --access-key-id AKIAIOSFODNN7EXAMPLE | Delete an access key for an IAM user |
aws iam list-groups | List IAM groups |
aws iam create-group --group-name my-group | Create an IAM group |
aws iam delete-group --group-name my-group | Delete an IAM group |
aws iam add-user-to-group --user-name my-user --group-name my-group | Add an IAM user to an IAM group |
aws iam remove-user-from-group --user-name my-user --group-name my-group | Remove an IAM user from an IAM group |
aws iam list-policies | List IAM policies |
aws iam create-policy --policy-name my-policy --policy-document file://my-policy.json | Create an IAM policy |
S3
These commands can be used to list and retrieve information about S3 buckets, such as their contents, access control lists, policies, versioning, encryption, and logging settings.
| AWS CLI Command | Description |
|---|---|
aws s3 ls | List all S3 buckets |
aws s3 ls s3://bucket-name | List contents of a specific S3 bucket |
aws s3api get-bucket-acl --bucket bucket-name | Get the access control list (ACL) for an S3 bucket |
aws s3api get-bucket-policy --bucket bucket-name | Get the bucket policy for an S3 bucket |
aws s3api get-bucket-versioning --bucket bucket-name | Get the versioning state for an S3 bucket |
aws s3api get-bucket-encryption --bucket bucket-name | Get the encryption state for an S3 bucket |
aws s3api get-bucket-logging --bucket bucket-name | Get the logging state for an S3 bucket |
aws s3api list-objects --bucket bucket-name | List objects in an S3 bucket |
aws s3api head-object --bucket bucket-name --key key-name | Get information about an object in an S3 bucket (e.g. size, storage class, etc.) |
EC2
The EC2 command list below is useful for managing EC2-related AWS resources. It can be used to list, start, stop, reboot, and terminate EC2 instances, as well as create and launch new instances from Amazon Machine Images (AMIs). These commands are also useful for managing EC2 security groups and adding ingress rules.
| AWS CLI Command | Description |
|---|---|
aws ec2 describe-instances | List EC2 instances |
aws ec2 describe-instances --instance-ids i-1234567890abcdef0 | Get details for a specific EC2 instance |
aws ec2 start-instances --instance-ids i-1234567890abcdef0 | Start an EC2 instance |
aws ec2 stop-instances --instance-ids i-1234567890abcdef0 | Stop an EC2 instance |
aws ec2 reboot-instances --instance-ids i-1234567890abcdef0 | Reboot an EC2 instance |
aws ec2 terminate-instances --instance-ids i-1234567890abcdef0 | Terminate an EC2 instance |
aws ec2 describe-images --owners amazon | List Amazon Machine Images (AMIs) |
aws ec2 create-image --instance-id i-1234567890abcdef0 --name "My AMI" | Create an AMI from an EC2 instance |
aws ec2 run-instances --image-id ami-1234567890abcdef0 --count 1 --instance-type t2.micro | Launch an EC2 instance from an AMI |
aws ec2 describe-security-groups | List EC2 security groups |
aws ec2 create-security-group --group-name my-sg --description "My security group" | Create an EC2 security group |
aws ec2 authorize-security-group-ingress --group-name my-sg --protocol tcp --port 22 --cidr 0.0.0.0/0 | Add an ingress rule to an EC2 security group |