Skip to main content

AWS CLI

AWS rest API

This is used by AWS Management Console, AWS CLI, AWS SDK, and other AWS services. So in the backend, HTTP restful request is used for actually carrying out those resource management actions.

Documentation is available for those rest API call for lots of services. You will resort to using rest API to interact with the AWS resources if a programming language doesn't have a library that provides the wrapper for those rest API calls.

AWS API Security

API calls must be authenticated before you can use it. Authentication can be made with valid

  1. Account username and password (For console access)
  2. IAM user access key ID and secret (For CLI)
  3. IAM temporary credentials (This is for SDKs). OAuth for authentication.

All API calls can be logged using CloudTrail for security.

AWS CLI

Send those API calls ot the AWS cloud.

AWS Cloud9 IDE

Integrated development environment running on a EC2.

Has CLI pre-installed. It has increased security for credentials because it isn't saved locally on your computer.

AWS configure

By default the default profile (user) that it uses for its credential in the CLI is named "default". Use aws configure list to see is AWS currently using, if it is empty then it is "default".

To change the credential that you are using export the environmental variable export AWS_PROFILE=<profile> and set it to the profile that you want to use the credentials for. Then from onward the CLI will be using that user's credential for the AWS access.

By default, all of the AWS credentials are stored under ~/.aws/credentials. Non-sensitive information like configuration of the regions are under ~/.aws/configure

 

 

 

 

 

No Comments
Back to top