AWS CLI

Copier toutes les commandes Générer PDF

Commandes complètes AWS CLI et workflows pour la gestion de l'infrastructure Amazon Web Services, y compris EC2, S3, Lambda, et plus.

Installation & Configuration

Command	Description
`aws configure`	Configure AWS credentials and region
`aws configure list`	Show current configuration
`aws configure set region us-west-2`	Set default region
`aws configure set output json`	Set output format
`aws sts get-caller-identity`	Verify current identity
`aws configure list-profiles`	List all configured profiles
`aws configure --profile myprofile`	Configure named profile

EC2 (Cloud de calcul élastique)

Gestion des instances

Command	Description
`aws ec2 describe-instances`	List all instances
`aws ec2 run-instances --image-id ami-12345 --instance-type t2.micro`	Launch instance
`aws ec2 start-instances --instance-ids i-1234567890abcdef0`	Start instance
`aws ec2 stop-instances --instance-ids i-1234567890abcdef0`	Stop instance
`aws ec2 terminate-instances --instance-ids i-1234567890abcdef0`	Terminate instance
`aws ec2 reboot-instances --instance-ids i-1234567890abcdef0`	Reboot instance

Groupes de sécurité

Command	Description
`aws ec2 describe-security-groups`	List security groups
`aws ec2 create-security-group --group-name MySecurityGroup --description "My security group"`	Create security group
`aws ec2 authorize-security-group-ingress --group-id sg-12345 --protocol tcp --port 80 --cidr 0.0.0.0/0`	Add inbound rule
`aws ec2 revoke-security-group-ingress --group-id sg-12345 --protocol tcp --port 80 --cidr 0.0.0.0/0`	Remove inbound rule

Paires de clés

Command	Description
`aws ec2 describe-key-pairs`	List key pairs
`aws ec2 create-key-pair --key-name MyKeyPair --query 'KeyMaterial' --output text > MyKeyPair.pem`	Create key pair
`aws ec2 delete-key-pair --key-name MyKeyPair`	Delete key pair

S3 (Service de stockage simple)

Opérations de seau

Command	Description
`aws s3 ls`	List all buckets
`aws s3 mb s3://my-bucket`	Create bucket
`aws s3 rb s3://my-bucket`	Remove empty bucket
`aws s3 rb s3://my-bucket --force`	Remove bucket and all contents
`aws s3 ls s3://my-bucket`	List objects in bucket
`aws s3 ls s3://my-bucket --recursive`	List all objects recursively

Opérations de fichiers

Command	Description
`aws s3 cp file.txt s3://my-bucket/`	Upload file
`aws s3 cp s3://my-bucket/file.txt .`	Download file
`aws s3 sync ./local-folder s3://my-bucket/`	Sync local folder to S3
`aws s3 sync s3://my-bucket/ ./local-folder`	Sync S3 to local folder
`aws s3 rm s3://my-bucket/file.txt`	Delete file
`aws s3 rm s3://my-bucket/ --recursive`	Delete all files in bucket

Opérations avancées S3

Command	Description
`aws s3api get-bucket-versioning --bucket my-bucket`	Check versioning status
`aws s3api put-bucket-versioning --bucket my-bucket --versioning-configuration Status=Enabled`	Enable versioning
`aws s3api get-bucket-encryption --bucket my-bucket`	Check encryption
`aws s3api put-bucket-encryption --bucket my-bucket --server-side-encryption-configuration file://encryption.json`	Enable encryption

Lambda

Gestion des fonctions

Command	Description
`aws lambda list-functions`	List all functions
`aws lambda create-function --function-name my-function --runtime python3.9 --role arn:aws:iam::123456789012:role/lambda-role --handler lambda_function.lambda_handler --zip-file fileb://function.zip`	Create function
`aws lambda update-function-code --function-name my-function --zip-file fileb://function.zip`	Update function code
`aws lambda invoke --function-name my-function output.txt`	Invoke function
`aws lambda delete-function --function-name my-function`	Delete function

Configuration de la fonction

Command	Description
`aws lambda get-function --function-name my-function`	Get function details
`aws lambda update-function-configuration --function-name my-function --timeout 30`	Update timeout
`aws lambda update-function-configuration --function-name my-function --memory-size 256`	Update memory
`aws lambda put-function-event-invoke-config --function-name my-function --maximum-retry-attempts 1`	Configure retries

IAM (Gestion de l'identité et de l'accès)

Gestion des utilisateurs

Command	Description
`aws iam list-users`	List all users
`aws iam create-user --user-name myuser`	Create user
`aws iam delete-user --user-name myuser`	Delete user
`aws iam get-user --user-name myuser`	Get user details
`aws iam create-access-key --user-name myuser`	Create access key
`aws iam delete-access-key --user-name myuser --access-key-id AKIAIOSFODNN7EXAMPLE`	Delete access key

Gestion des rôles

Command	Description
`aws iam list-roles`	List all roles
`aws iam create-role --role-name MyRole --assume-role-policy-document file://trust-policy.json`	Create role
`aws iam attach-role-policy --role-name MyRole --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess`	Attach policy to role
`aws iam detach-role-policy --role-name MyRole --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess`	Detach policy from role

Gestion des politiques

Command	Description
`aws iam list-policies`	List all policies
`aws iam create-policy --policy-name MyPolicy --policy-document file://policy.json`	Create policy
`aws iam delete-policy --policy-arn arn:aws:iam::123456789012:policy/MyPolicy`	Delete policy
`aws iam get-policy --policy-arn arn:aws:iam::123456789012:policy/MyPolicy`	Get policy details

NuageFormation

Gestion des piles

Command	Description
`aws cloudformation list-stacks`	List all stacks
`aws cloudformation create-stack --stack-name my-stack --template-body file://template.yaml`	Create stack
`aws cloudformation update-stack --stack-name my-stack --template-body file://template.yaml`	Update stack
`aws cloudformation delete-stack --stack-name my-stack`	Delete stack
`aws cloudformation describe-stacks --stack-name my-stack`	Get stack details
`aws cloudformation describe-stack-events --stack-name my-stack`	Get stack events

Opérations du modèle

Command	Description
`aws cloudformation validate-template --template-body file://template.yaml`	Validate template
`aws cloudformation estimate-template-cost --template-body file://template.yaml`	Estimate costs
`aws cloudformation get-template --stack-name my-stack`	Get stack template

RDS (Service de base de données relationnelles)

Gestion des instances dans la base de données

Command	Description
`aws rds describe-db-instances`	List all DB instances
`aws rds create-db-instance --db-instance-identifier mydb --db-instance-class db.t3.micro --engine mysql --master-username admin --master-user-password mypassword --allocated-storage 20`	Create DB instance
`aws rds start-db-instance --db-instance-identifier mydb`	Start DB instance
`aws rds stop-db-instance --db-instance-identifier mydb`	Stop DB instance
`aws rds delete-db-instance --db-instance-identifier mydb --skip-final-snapshot`	Delete DB instance

Captures de données

Command	Description
`aws rds describe-db-snapshots`	List all snapshots
`aws rds create-db-snapshot --db-instance-identifier mydb --db-snapshot-identifier mydb-snapshot`	Create snapshot
`aws rds restore-db-instance-from-db-snapshot --db-instance-identifier mydb-restored --db-snapshot-identifier mydb-snapshot`	Restore from snapshot
`aws rds delete-db-snapshot --db-snapshot-identifier mydb-snapshot`	Delete snapshot

VPC (Cloud privé virtuel)

VPC Gestion

Command	Description
`aws ec2 describe-vpcs`	List all VPCs
`aws ec2 create-vpc --cidr-block 10.0.0.0/16`	Create VPC
`aws ec2 delete-vpc --vpc-id vpc-12345678`	Delete VPC
`aws ec2 describe-subnets`	List all subnets
`aws ec2 create-subnet --vpc-id vpc-12345678 --cidr-block 10.0.1.0/24`	Create subnet

Tableaux d'itinéraire

Command	Description
`aws ec2 describe-route-tables`	List route tables
`aws ec2 create-route-table --vpc-id vpc-12345678`	Create route table
`aws ec2 create-route --route-table-id rtb-12345678 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-12345678`	Add route
`aws ec2 associate-route-table --subnet-id subnet-12345678 --route-table-id rtb-12345678`	Associate route table

CloudWatch

Mesures et alarmes

Command	Description
`aws cloudwatch list-metrics`	List all metrics
`aws cloudwatch get-metric-statistics --namespace AWS/EC2 --metric-name CPUUtilization --dimensions Name=InstanceId,Value=i-1234567890abcdef0 --statistics Average --start-time 2023-01-01T00:00:00Z --end-time 2023-01-02T00:00:00Z --period 3600`	Get metric statistics
`aws cloudwatch describe-alarms`	List all alarms
`aws cloudwatch put-metric-alarm --alarm-name cpu-mon --alarm-description "Alarm when CPU exceeds 70%" --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --threshold 70.0 --comparison-operator GreaterThanThreshold`	Create alarm

Registres

Command	Description
`aws logs describe-log-groups`	List log groups
`aws logs create-log-group --log-group-name my-log-group`	Create log group
`aws logs describe-log-streams --log-group-name my-log-group`	List log streams
`aws logs get-log-events --log-group-name my-log-group --log-stream-name my-log-stream`	Get log events

Meilleures pratiques

Sécurité

Utiliser les rôles de l'IAM: Préférer les rôles de l'IAM sur les clés d'accès pour les instances EC2
Least Privilege: Accorder les autorisations minimales requises
MFA: Activer l'authentification multi-facteurs pour les opérations sensibles
** Clés de roulement** : Tourner régulièrement les clés d'accès et les mots de passe

Optimisation des coûts

Marquage des ressources: Étiquette toutes les ressources pour le suivi des coûts
Taille droite: Surveiller et ajuster les tailles d'instance en fonction de l'utilisation
Instances réservées: Utiliser des instances réservées pour des charges de travail prévisibles
Instances de dépôt: Utilisez des instances ponctuelles pour les charges de travail tolérantes aux défauts

Automatisation

CloudFormation: Utiliser l'infrastructure comme code pour les déploiements reproductibles
AWS CLI Scripts: Automatiser les tâches répétitives avec les scripts shell
AWS SDK: Utilisez les SDK AWS pour l'intégration des applications
CI/CD: Intégrer le système AWS CLI dans des pipelines d'intégration continue