aws cli 服务_如何使用AWS CLI从键盘直接运行云服务-无需GUI

aws cli 服务

I’ll bet you’ve already got some stuff running on AWS and you made it happen using the browser console. But I’ll also bet that you already suspect that clicking your way through layers and layers of configuration pages isn’t always going to be the best approach. If fact, the AWS CLI is a better way that’ll get the exact same work done, but with a whole lot less effort.

我敢打赌，您已经在AWS上运行了一些东西，并且使用浏览器控制台实现了它。 但我还要打赌，您已经怀疑单击配置页面的各层并不总是最好的方法。 如果确实如此，AWS CLI是一种更好的方法，它可以完成完全相同的工作，但省力得多。

Using content adapted from my Pluralsight course: Automating AWS Operations with the AWS CLI, let me quickly demonstrate. Suppose you want to launch an Amazon Linux instance from EC2. To get it up and running, you’ll need to…

使用我的Pluralsight课程中的内容：通过AWS CLI自动化AWS操作 ，让我快速演示一下。 假设您要从EC2启动Amazon Linux实例。 要启动并运行它，您需要...

• Load the EC2 Dashboard page
  加载EC2仪表板页面
• Click Launch Instance
  单击启动实例
• Select an AMI from the AMI page
  从“ AMI”页面中选择一个AMI
• Select an instance type from the Instance Type page
  从“实例类型”页面中选择一个实例类型
• Set network, IAM, life cycle behavior, and user data settings on the Configure Instance Details page
  在“配置实例详细信息”页面上设置网络，IAM，生命周期行为和用户数据设置
• Select one or more storage volumes on the Add Storage page
  在“添加存储”页面上选择一个或多个存储卷
• Add tags on the Add Tags page
  在“添加标签”页面上添加标签
• Select or configure a security group on the — wait for it — Configure Security Group page
  在“等待中”“配置安全组”页面上选择或配置安全组
• And finally review and launch your instance on the page named (what else?) Review and Launch
  最后，在名为(还有其他内容？)的页面上查看并启动您的实例。

And don’t forget clicking through the pop up where you’ll confirm your key pair and then heading back to the EC2 Instances dashboard to get your instance data (like IP addresses).

而且，不要忘记单击弹出窗口，在该弹出窗口中您将确认密钥对，然后回到EC2实例仪表板以获取实例数据(例如IP地址)。

Sound like fun to you? Will it still sound like fun if you’re working with a slow internet connection? And how about if you need to perform variations of this process a half dozen times a week?

对您来说听起来很有趣？ 如果您使用缓慢的Internet连接，听起来还是很有趣？ 如果您需要每周进行六次此流程的变体，那又如何呢？

Want to see how you’d fire up that configuration using the AWS CLI from a Bash shell (which you can run within Linux, macOS, and now even Windows 10)? Note how I used back slashes to tell Bash that the command isn’t complete yet. Hitting Enter gets the whole mess up and running.

是否想查看如何通过Bash Shell(可在Linux，macOS甚至现在的Windows 10中运行)使用AWS CLI启动该配置？ 请注意，我如何使用反斜杠来告诉Bash该命令尚未完成。 击中Enter键可启动并运行整个程序。

aws ec2 run-instances --image-id ami-04681a1dbd79675a5 \
 --count 1 \
 --instance-type r5d.large \
 --key-name MyKeyPair \
 --security-group-ids sg-007e43f80a1758f29 \
 --subnet-id subnet-970ec9f0 \
 --user-data file://my_script.sh \
 --tag-specifications \
 ‘ResourceType=instance,Tags=[{Key=backend,Value=inventory1}]’

That precise command won’t work for you if you just paste it into your terminal and run it. The security group and subnet IDs are specific to my account, and you probably haven’t got a key pair called MyKeyPair or a script file called my_script.sh. But that does show you that, once you’ve done some basic up-front research to get all the right values and confirmed that it works, you’ll be able to save the command into a script file that you can modify and run whenever necessary. This can drop a five minute process down to a couple of seconds.

如果仅将其粘贴到终端中并运行它，那么该精确命令将对您不起作用。 安全组和子网ID特定于我的帐户，您可能没有名为MyKeyPair的密钥对或名为my_script.sh的脚本文件。 但这确实表明，一旦完成了一些基本的前期研究以获取所有正确的值并确认它可以工作，您就可以将命令保存到脚本文件中，您可以在任何时候修改和运行该文件必要。 这可以将五分钟的过程缩短到几秒钟。

The best place to go for up-to-date CLI installation instructions for your operating system is this AWS documentation page. Your best bet will normally be the Python package manager approach using PIP.

有关您的操作系统的最新CLI安装说明的最佳位置是此AWS文档页面 。 最好的选择通常是使用PIP的Python软件包管理器方法。

Getting your CLI configured to securely access and administrate your AWS account resources is fairly straightforward. Although you will first need to generate (and copy/record) an access key for your AWS user from the My Security Credentials link in the account drop down menu back in the console. When that’s done, simply type “aws configure” at the command prompt and enter the Access Key ID and Secret Access Key you got from My Security Credentials. You can optionally choose default region and output format values.

配置您的CLI以安全地访问和管理您的AWS账户资源非常简单。 尽管您首先需要从控制台的帐户下拉菜单中的“我的安全证书”链接为您的AWS用户生成(并复制/记录)访问密钥。 完成后，只需在命令提示符下键入“ aws configure”，然后输入从“我的安全证书”中获得的访问密钥ID和秘密访问密钥。 您可以选择默认区域和输出格式值。

worker@workstation:~$ aws configure
AWS Access Key ID [****************KB2Q]: 
AWS Secret Access Key [****************W/Cu]: 
Default region name [us-east-1]: 
Default output format [text]: 
worker@workstation:~$

AWS CLI语法模式 (AWS CLI Syntax Patterns)

You’re now all set to begin. Let’s start by breaking the command syntax down into its component parts and illustrate how it all works using practical examples. After the aws command prefix, a CLI command is made up of options (which, as the name suggests, are optional), commands, subcommands, and parameters.

现在您已经准备好开始。 首先，将命令语法分解为各个组成部分，并通过实际示例说明其工作方式。 在aws命令前缀之后，CLI命令由选项 (顾名思义，是可选的)， 命令 ， 子命令和参数组成 。

aws [options] <command> <subcommand> [parameters]

This example will return all the EC2 AMI images officially maintained by Amazon that run the CentOS Linux operating system.

此示例将返回由Amazon正式维护的，运行CentOS Linux操作系统的所有EC2 AMI映像。

aws --output table ec2 describe-images \
 --filters “Name=description,Values=*CentOS*” \
 “Name=owner-alias,Values=amazon”

It uses the output option, giving it the value of “table” to display text output in tables. The top-level command here is ec2. Most — if not all — top-level commands will invoke specific AWS services. s3, iam, and dynamodb are other examples.

它使用output选项，将其值设置为“ table ”以在表中显示文本输出。 此处的顶级命令是ec2。 大多数(如果不是全部)顶级命令将调用特定的AWS服务。 s3，iam和dynamodb是其他示例。

The subcommand is describe-images, which will return data related to all the Amazon Machine Images currently available to use for your EC2 instances. That would return an awful lot of data, as there are many hundreds of AMIs and each one of them is represented by a lot of metadata. So you’ll want to narrow down the search just a bit. For that, I provided two values to the — filters parameter: the image description should contain the word CentOS — capitalizing the c, o, and s since this will be case sensitive, and the owner-alias value must equal amazon.

子命令为describe-images ，它将返回与当前可用于您的EC2实例的所有Amazon Machine Images相关的数据。 这将返回大量数据，因为有数百个AMI，并且每个AMI由许多元数据表示。 因此，您只需要缩小搜索范围即可。 为此，我为— filter参数提供了两个值：图像描述中应包含单词CentOS —将c，o和s大写，因为这将区分大小写，并且owner-alias值必须等于Amazon 。

You’ll often run describe-based subcommands to get important resource IDs that you can then plug into your actual action commands. That CentOS image ID would typically be used as part of an ec2 run-instances command to actually launch an instance.

您通常会运行基于describe的子命令来获取重要的资源ID，然后将其插入实际的操作命令中。 该CentOS映像ID通常将用作ec2 run-instances命令的一部分，以实际启动实例。

Besides describe and run, other common subcommands will begin with verbs like create, delete, enable, disable, modify, request, stop, and terminate.

除了describe and run，其他常见的子命令还将以动词开头，例如create，delete，enable，disable，modify，request，stop和终止。

Options include region, output, and profile — which you’ve already seen — plus dry-run, which will do nothing, but instead display the output your command would generate if it were actually run. This can be very useful when you’re not sure you’ve got the syntax quite right. Let’s try running that ec2 run-instances command from above, but this time adding dry-run.

选项包括region ， output和profile (您已经看到过)以及dry-run ，它们什么都不做，而是显示如果命令实际运行将生成的输出。 当您不确定语法是否正确时，这可能非常有用。 让我们尝试从上面运行ec2 run-instances命令，但是这次添加dry-run 。

S3示例 (S3 Example)

It’s time for a little S3 magic. I’ve got a business that needs a simple website without any database access or javascript bells and whistles. Just some regular, run of the mill, HTML5 goodness. So I’m going to create, carefully configure, and populate my bucket so that it’ll work as a static website — or, in other words, so that incoming traffic will automatically be directed to the index.html file I’ve created.

是时候使用S3了。 我的业务需要一个简单的网站，而没有任何数据库访问权限或JavaScript的风吹草动。 只是一些常规HTML5优点。 因此，我将创建，仔细配置和填充我的存储桶，以便它可以作为静态网站使用-换句话说，这样传入的流量将自动定向到我创建的index.html文件。

Although it won’t play any role in this demo, I’m eventually going to want to set up a .com domain name in Amazon’s Route 53 that points to the site, so I’ll need to create an S3 bucket with exactly that name — .com and all. I make a bucket using mb and a globally unique bucket name.

尽管它不会在此演示中发挥任何作用，但我最终还是要在指向该站点的Amazon Route 53中设置一个.com域名，因此，我需要使用一个确切的名称创建一个S3存储桶名称-.com等。 我使用mb和全局唯一的存储桶名称创建存储桶。

aws s3 mb s3://mysite548.com

The bucket will have to be publicly readable, so I’ll use s3api put-bucket-acl, along with the bucket and acl parameters. The latter of those will take the value public-read.

存储桶必须是公开可读的，因此我将使用s3api put-bucket-acl以及存储桶和acl参数。 后者将具有公开阅读的价值。

aws s3api put-bucket-acl --bucket mysite548.com --acl public-read

Next I’ll use s3 sync to move all the contents of my current local directory up to my bucket. I’ve created three files: index.html is the default web page and error.html will be the page that’s loaded when a non-existent resource is requested. There’s also a small image to help prettify the demonstration. The acl public-read parameter will give the files themselves the same permissions as the bucket.

接下来，我将使用s3 sync将当前本地目录中的所有内容移到存储桶中。 我创建了三个文件： index.html是默认的网页，而error.html将是在请求不存在的资源时加载的页面。 还有一个小图像可以帮助美化演示。 acl public-read参数将为文件本身赋予与存储桶相同的权限。

aws s3 sync . s3://mysite548.com --acl public-read

Finally, I’ll define the purpose of those html files for S3 using “s3 website”. The index-document and error-document parameters simply point to the relevant files. You don’t need to use those specific filenames, by the way, that’s just me. I’ll confirm that operation using s3api get-bucket-website.

最后，我将使用“ s3网站”为S3定义这些html文件的用途。 index-document和error-document参数仅指向相关文件。 顺便说一句，您不需要使用那些特定的文件名，仅此而已。 我将使用s3api get-bucket-website确认该操作。

aws s3 website s3://mysite548.com/ --index-document index.html --error-document error.html
aws s3api get-bucket-website --bucket mysite548.com

下一步是什么？ (What’s Next?)

The command syntax of the AWS CLI is fairly intuitive. Nevertheless, you will often need help getting it exactly right. As I show in the Pluralsight course, you can get excellent guidance from the help system at the command line, or from the AWS online documentation. My Learn Amazon Web Services in a Month of Lunches book also contains useful guidance and examples.

AWS CLI的命令语法非常直观。 但是，您经常需要帮助以使其完全正确。 正如我在Pluralsight课程中所展示的 ，您可以从命令行的帮助系统或AWS在线文档中获得出色的指导。 我在一个月的午餐中学习Amazon Web Services本书还包含有用的指导和示例。

This article is an excerpt adapted from my new Pluralsight course, Automating AWS Operations with the AWS CLI.

本文摘录自我的新 Pluralsight课程“使用AWS CLI自动执行AWS操作”。

翻译自: https://www.freecodecamp.org/news/administrating-aws-resources-productively-using-the-aws-cli/

aws cli 服务