SQL DBA Blog

Category: AWS

AWS Amazon Web Services Blog Archives, by Peter Whyte (Database Administrator). Includes IAM, Redshift, RDS, EC2, Cloudformation & more.

  • How to Set Environment Variables in PowerShell

    How to Set Environment Variables in PowerShell

    To get environment variables in PowerShell, we can use Get-ChildItem env: to list all the environment variables and $env: to return the value of a specific environment variable. This blog post should help explain this as well as how to set new values for Environment Variables.

    An environment variable is a value that is stored on a computer and can be accessed and used by programs to alter their behaviour. For example, in the AWS CLI you can set an environment variable called “AWS_REGION” and assign it a value such as “eu-west-1”. Then, you could have a program that reads this environment variable and uses it to specify the AWS region when making API requests.

    In PowerShell, you can access environment variables using a number of different cmdlets. This post covers cover two of the most common methods, Get-ChildItem and Get-Item.

    This post will cover the following:
    List All Environment Variables
    Get Value of a Specific Environment Variable
    Set New Environment Variable

    List All Environment Variables

    To list all of the environment variables on your system, use the Get-ChildItem cmdlet with the Env: drive. This displays a list of all the environment variables and their current values.

    You can also run gci which is an alias for Get-ChildItem as displayed in my screenshots below.

    # List all environment variables
Get-ChildItem Env:
    PowerShell gci env:

    Get Value of a Specific Environment Variable

    To return the value of an environment variable in PowerShell, run the following:

    # Get the value of the aws_default_region environment variable
gci Env:\AWS_DEFAULT_REGION

# Do the same but alt (easier) syntax
$env:AWS_DEFAULT_REGION
    PowerShell Show Environment Variable Value

    Set New Environment Variable

    To set a new value for the AWS_DEFAULT_REGION environment variable with PowerShell, use the following command: 

    # Set the AWS Default Region Environment Variable
$env:AWS_DEFAULT_REGION="eu-west-2"
    PowerShell Set Environment Variable

  • How to Manage S3 Buckets with AWS CLI

    How to Manage S3 Buckets with AWS CLI

    This is a post on how to help manage S3 Buckets with AWS CLI, and to help explain some local Operating System (OS) considerations when running such commands.

    First of all, you will need to be authenticated to your AWS Account and have AWS CLI installed. I cover this in previous blog posts:
    # How to Install and Configure AWS CLI on Windows
    # How to Install and Configure AWS CLI on Ubuntu

    I’m more often involved in the PowerShell side rather than Linux. AWS CLI commands do the same thing in both environments, but the native (OS) language is used around it for manipulating data for output and for other things like wrapping commands in a For Each loop. All commands in this post can run on either OS.

    PowerShell is cross-platform and has supported various Linux & DOS commands since its release. Some are essential for everyday use, for example, ping, cd, ls, mkdir, rm, cat, pwd and more. There are more commands being added over time like tar and curl which is good to see. Plus, we have WSL to help integrate non-supported Linux commands.

    Here’s one of the simplest examples which list all S3 buckets the executing IAM User owns within your AWS Account. 

    # List all buckets in an AWS Account
aws s3 ls
    AWS S3 List Buckets

    The Default Region is configured during the AWS CLI Configuration as linked above. We can change this by running aws configure set region or configure your Environment Variables. Alternatively, we can pass in the –Region variable after ‘ls’ in the command to get a specific Region’s S3 Buckets. There are more ways for us to run commands across multiple Regions which I hope to cover another day.

    Now I’m going to run a command to show me the Access Control List (ACL) of the bucket, using the list of Bucket Names I ran in the previous command. This time, I’m utilising the s3api command rather than s3 – look here for more information on the differences between them. When running AWS CLI commands these API docs will always help you out.

    # Show S3 Bucket ACL
aws s3api get-bucket-acl --bucket my-bucket

    Next up, I’m going to create a bucket using the s3 command rather than s3api. The reason I’m doing this is, I want to rely on my Default Region for the new S3 Bucket, rather than specifying it within the command. Here’s AWS’s explanation of this –

    “Regions outside of us-east-1 require the appropriate LocationConstraint to be specified in order to create the bucket in the desired region – “
    –create-bucket-configuration LocationConstraint=eu-west-1
    AWS API Docs

    The following command is creating a new S3 Bucket in my Default Region and I’m verifying the location with get-bucket-location afterwards.

    # Change AWS CLI Default Region
aws configure set region eu-west-1

# Create a new S3 Bucket in your Default Region
aws s3 mb s3://pw-blog-bucket-101

# Check the Region of a S3 Bucket
aws s3api get-bucket-location --bucket pw-blog-bucket-101 --output text

    And finally, to finish this off I’m going to:
    – Create a folder (known as Object) within the new Bucket.
    – List items in the S3 Bucket.
    – Copy a file from my desktop into the folder.
    – List items in the S3 Bucket.
    – Delete the Bucket.

    # Create folder/object within a S3 Bucket
aws s3api put-object --bucket pw-blog-bucket-101 --key folder1/

# Show objects within S3 Bucket
aws s3 ls s3://pw-blog-bucket-101 --recursive --human-readable

# Copy a local file into the folder above
aws s3 cp .\Upload2S3.txt s3://pw-blog-bucket-101/folder1

# Show objects within S3 Bucket
aws s3 ls s3://pw-blog-bucket-101 --recursive --human-readable

# Delete the S3 Bucket
aws s3 rb s3://pw-blog-bucket-101

# List the S3 Bucket above (expect error)
aws s3 ls s3://pw-blog-bucket-101

  • How to Install & Configure AWS CLI on Ubuntu

    How to Install & Configure AWS CLI on Ubuntu

    This post should help guide you through the process of installing and configuring AWS CLI (version 1) on Ubuntu (20.04).

    The following areas are covered in this demo:
    Updating Local Packages
    Installing AWS CLI on Ubuntu
    Checking Installed AWS CLI Version
    Configuring AWS Profile
    Running AWS CLI Commands

    Updating Local Packages

    To start, update your local packages by running the following command:

    # update local packages ubuntu
sudo apt-get update

    Installing AWS CLI on Ubuntu

    You can install AWS CLI on Ubuntu by running the following command:

    # install awscli ubuntu
sudo apt-get install awscli

    Checking Installed AWS CLI Version

    After the installation is complete, check the version of AWS CLI that was installed by running:

    # check version of awscli installed
aws --version

    Configuring Your AWS Profile

    Once you have confirmed the version, you can run aws configure to set up your AWS profile. Your Access Key ID and Secret Access Key can be found and recreated in the AWS IAM Console, which I have covered in my previous post on installing and configuring AWS CLI on Windows. 

    # configure aws profile
aws configure

    For reference, here are the output config files – this is an area that gets touched a lot.

    Running AWS CLI Commands

    Once you have completed the configuration, you can run AWS CLI commands like the following example, which lists all the buckets in your AWS account that begin with the pw-* prefix:

    Note that this is not the only way to install AWS CLI on Ubuntu, and this guide covers version 1 of AWS CLI.

  • How to Install and Configure AWS CLI on Windows

    How to Install and Configure AWS CLI on Windows

    This post is a how-to for installing & configuring AWS CLI (Version 2) on Windows.

    In this guide, we’re going to download the AWS Command Line Interface installation media and run through the simple installation. Once done we’ll configure AWS CLI, which you’ll need an AWS Account to do so.

    # Install AWS CLI V2 on Windows
    # Configure AWS CLI V2

    Install AWS CLI V2

    Download AWS CLI V2 and run through the MSI installer. Run the .msi file you downloaded, and click next, next & done to complete the installation.

    Alternatively, we can install AWS CLI using the PowerShell commands below. 

    # Download AWS CLI msi file, output to current directory
Invoke-WebRequest -Uri https://awscli.amazonaws.com/AWSCLIV2.msi -UseBasicParsing -OutFile 'AWSCLIV2.msi'

# Run AWS CLI install
.\AWSCLIV2.msi
    AWS CLI Install Windows

    When the installation completes, close and re-open any terminals you have open. You should remember/consider doing this every time you install a package for development, close/reopen your VS Code or Windows Terminal.

    Open your command terminal and verify the AWS CLI install by checking the version. Run ‘aws –version‘ as shown in the example below.

    Check AWS CLI Version Windows

    Configure AWS CLI V2

    Now that we have AWS CLI installed on our machine, we need to open a web browser for the next steps, and head to the AWS Console.

    Open AWS IAM and create/select a user with appropriate permissions. My ‘pete‘ login has full Admin (AdministratorAccess Policy) in this case.

    AWS IAM Users

    Click on the Security Credentials tab within the user properties.

    AWS IAM User Creds

    Scroll down to view & create Access Keys. Click to create a new key to see both the Access key ID and Secret Access Key of existing keys.

    AWS IAM User Access Keys

    Open PowerShell and run ‘aws configure‘. You’ll be prompted for:
    AWS Access Key ID (above)
    AWS Secret Access Key (above)
    Default Region Name
    Default Output Format

    AWS CLI Check Version in PowerShell

    Once you’ve entered these details for the first time it’ll save your details, so for me above I’m just hitting enter at each prompt.

    Run ‘aws sts get-caller-identity‘ to confirm what you’re logged in as.

    AWS sts-get-caller-identity
  • AWS CLI – List IAM Users

    AWS CLI – List IAM Users

    AWS CLI – List IAM Users

    The aws iam list-users is a handy command for managing your AWS IAM users. It lets you get a list of all the users in your AWS account, along with some basic info about each one.

    You can use the --query option to choose which info you want to see for each user. In the example you gave, the query grabs the user name, Amazon Resource Name (ARN), and create date. Here’s how the command looks:

    aws iam list-users --query "Users[*].{Name:UserName,arn:Arn, CreateDate:CreateDate}"
    AWS CLI List Users

    The output of the command will be a list of JSON objects, each with the info you chose to see for a single user. This can be useful for quickly getting an overview of your IAM users and their details.

    You can find more detailed information about the iam list-users command, as well as the other iam commands, in the AWS CLI documentation: https://docs.aws.amazon.com/cli/latest/reference/iam/index.html#cli-aws-iam.