
AWS CLI

Comprehensive AWS CLI commands and workflows for managing Amazon Web Services infrastructure, including EC2, S3, Lambda, and more.

## Installation and Configuration

| Command | Description |
| --- | --- |
| `aws configure` | Configure AWS credentials and region |
| `aws configure list` | Show current configuration |
| `aws configure set region us-west-2` | Set default region |
| `aws configure set output json` | Set output format |
| `aws sts get-caller-identity` | Verify current identity |
| `aws configure list-profiles` | List all configured profiles |
| `aws configure --profile myprofile` | Configure named profile |

## EC2 (Elastic Compute Cloud)

### Instance Management

| Command | Description |
| --- | --- |
| `aws ec2 describe-instances` | List all instances |
| `aws ec2 run-instances --image-id ami-12345 --instance-type t2.micro` | Launch instance |
| `aws ec2 start-instances --instance-ids i-1234567890abcdef0` | Start instance |
| `aws ec2 stop-instances --instance-ids i-1234567890abcdef0` | Stop instance |
| `aws ec2 terminate-instances --instance-ids i-1234567890abcdef0` | Terminate instance |
| `aws ec2 reboot-instances --instance-ids i-1234567890abcdef0` | Reboot instance |

### Security Groups

| Command | Description |
| --- | --- |
| `aws ec2 describe-security-groups` | List security groups |
| `aws ec2 create-security-group --group-name MySecurityGroup --description "My security group"` | Create security group |
| `aws ec2 authorize-security-group-ingress --group-id sg-12345 --protocol tcp --port 80 --cidr 0.0.0.0/0` | Add inbound rule (TCP 80 from any IPv4 address) |
| `aws ec2 revoke-security-group-ingress --group-id sg-12345 --protocol tcp --port 80 --cidr 0.0.0.0/0` | Remove inbound rule |

### Key Pairs

| Command | Description |
| --- | --- |
| `aws ec2 describe-key-pairs` | List key pairs |
| `aws ec2 create-key-pair --key-name MyKeyPair --query 'KeyMaterial' --output text > MyKeyPair.pem` | Create key pair and save the private key locally |
| `aws ec2 delete-key-pair --key-name MyKeyPair` | Delete key pair |

## S3 (Simple Storage Service)

### Bucket Operations

| Command | Description |
| --- | --- |
| `aws s3 ls` | List all buckets |
| `aws s3 mb s3://my-bucket` | Create bucket |
| `aws s3 rb s3://my-bucket` | Remove empty bucket |
| `aws s3 rb s3://my-bucket --force` | Remove bucket and all contents |
| `aws s3 ls s3://my-bucket` | List objects in bucket |
| `aws s3 ls s3://my-bucket --recursive` | List all objects recursively |

### File Operations

| Command | Description |
| --- | --- |
| `aws s3 cp file.txt s3://my-bucket/` | Upload file |
| `aws s3 cp s3://my-bucket/file.txt .` | Download file |
| `aws s3 sync ./local-folder s3://my-bucket/` | Sync local folder to S3 |
| `aws s3 sync s3://my-bucket/ ./local-folder` | Sync S3 to local folder |
| `aws s3 rm s3://my-bucket/file.txt` | Delete file |
| `aws s3 rm s3://my-bucket/ --recursive` | Delete all files in bucket |

### Advanced S3 Operations

| Command | Description |
| --- | --- |
| `aws s3api get-bucket-versioning --bucket my-bucket` | Check versioning status |
| `aws s3api put-bucket-versioning --bucket my-bucket --versioning-configuration Status=Enabled` | Enable versioning |
| `aws s3api get-bucket-encryption --bucket my-bucket` | Check encryption |
| `aws s3api put-bucket-encryption --bucket my-bucket --server-side-encryption-configuration file://encryption.json` | Enable encryption |

## Lambda

### Function Management

| Command | Description |
| --- | --- |
| `aws lambda list-functions` | List all functions |
| `aws lambda create-function --function-name my-function --runtime python3.9 --role arn:aws:iam::123456789012:role/lambda-role --handler lambda_function.lambda_handler --zip-file fileb://function.zip` | Create function |
| `aws lambda update-function-code --function-name my-function --zip-file fileb://function.zip` | Update function code |
| `aws lambda invoke --function-name my-function output.txt` | Invoke function |
| `aws lambda delete-function --function-name my-function` | Delete function |

### Function Configuration

| Command | Description |
| --- | --- |
| `aws lambda get-function --function-name my-function` | Get function details |
| `aws lambda update-function-configuration --function-name my-function --timeout 30` | Update timeout |
| `aws lambda update-function-configuration --function-name my-function --memory-size 256` | Update memory |
| `aws lambda put-function-event-invoke-config --function-name my-function --maximum-retry-attempts 1` | Configure retries |

## IAM (Identity and Access Management)

### User Management

| Command | Description |
| --- | --- |
| `aws iam list-users` | List all users |
| `aws iam create-user --user-name myuser` | Create user |
| `aws iam delete-user --user-name myuser` | Delete user |
| `aws iam get-user --user-name myuser` | Get user details |
| `aws iam create-access-key --user-name myuser` | Create access key |
| `aws iam delete-access-key --user-name myuser --access-key-id AKIAIOSFODNN7EXAMPLE` | Delete access key |

### Role Management

| Command | Description |
| --- | --- |
| `aws iam list-roles` | List all roles |
| `aws iam create-role --role-name MyRole --assume-role-policy-document file://trust-policy.json` | Create role |
| `aws iam attach-role-policy --role-name MyRole --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess` | Attach policy to role |
| `aws iam detach-role-policy --role-name MyRole --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess` | Detach policy from role |

### Policy Management

| Command | Description |
| --- | --- |
| `aws iam list-policies` | List all policies |
| `aws iam create-policy --policy-name MyPolicy --policy-document file://policy.json` | Create policy |
| `aws iam delete-policy --policy-arn arn:aws:iam::123456789012:policy/MyPolicy` | Delete policy |
| `aws iam get-policy --policy-arn arn:aws:iam::123456789012:policy/MyPolicy` | Get policy details |

## CloudFormation

### Stack Management

| Command | Description |
| --- | --- |
| `aws cloudformation list-stacks` | List all stacks |
| `aws cloudformation create-stack --stack-name my-stack --template-body file://template.yaml` | Create stack |
| `aws cloudformation update-stack --stack-name my-stack --template-body file://template.yaml` | Update stack |
| `aws cloudformation delete-stack --stack-name my-stack` | Delete stack |
| `aws cloudformation describe-stacks --stack-name my-stack` | Get stack details |
| `aws cloudformation describe-stack-events --stack-name my-stack` | Get stack events |

### Template Operations

| Command | Description |
| --- | --- |
| `aws cloudformation validate-template --template-body file://template.yaml` | Validate template |
| `aws cloudformation estimate-template-cost --template-body file://template.yaml` | Estimate costs |
| `aws cloudformation get-template --stack-name my-stack` | Get stack template |

## RDS (Relational Database Service)

### Database Management

| Command | Description |
| --- | --- |
| `aws rds describe-db-instances` | List all DB instances |
| `aws rds create-db-instance --db-instance-identifier mydb --db-instance-class db.t3.micro --engine mysql --master-username admin --master-user-password mypassword --allocated-storage 20` | Create DB instance |
| `aws rds start-db-instance --db-instance-identifier mydb` | Start DB instance |
| `aws rds stop-db-instance --db-instance-identifier mydb` | Stop DB instance |
| `aws rds delete-db-instance --db-instance-identifier mydb --skip-final-snapshot` | Delete DB instance without a final snapshot |

### Database Snapshots

| Command | Description |
| --- | --- |
| `aws rds describe-db-snapshots` | List all snapshots |
| `aws rds create-db-snapshot --db-instance-identifier mydb --db-snapshot-identifier mydb-snapshot` | Create snapshot |
| `aws rds restore-db-instance-from-db-snapshot --db-instance-identifier mydb-restored --db-snapshot-identifier mydb-snapshot` | Restore from snapshot |
| `aws rds delete-db-snapshot --db-snapshot-identifier mydb-snapshot` | Delete snapshot |

## VPC (Virtual Private Cloud)

### VPC Management

| Command | Description |
| --- | --- |
| `aws ec2 describe-vpcs` | List all VPCs |
| `aws ec2 create-vpc --cidr-block 10.0.0.0/16` | Create VPC |
| `aws ec2 delete-vpc --vpc-id vpc-12345678` | Delete VPC |
| `aws ec2 describe-subnets` | List all subnets |
| `aws ec2 create-subnet --vpc-id vpc-12345678 --cidr-block 10.0.1.0/24` | Create subnet |

### Route Tables

| Command | Description |
| --- | --- |
| `aws ec2 describe-route-tables` | List route tables |
| `aws ec2 create-route-table --vpc-id vpc-12345678` | Create route table |
| `aws ec2 create-route --route-table-id rtb-12345678 --destination-cidr-block 0.0.0.0/0 --gateway-id igw-12345678` | Add route |
| `aws ec2 associate-route-table --subnet-id subnet-12345678 --route-table-id rtb-12345678` | Associate route table |

## CloudWatch

### Metrics and Alarms

| Command | Description |
| --- | --- |
| `aws cloudwatch list-metrics` | List all metrics |
| `aws cloudwatch get-metric-statistics --namespace AWS/EC2 --metric-name CPUUtilization --dimensions Name=InstanceId,Value=i-1234567890abcdef0 --statistics Average --start-time 2023-01-01T00:00:00Z --end-time 2023-01-02T00:00:00Z --period 3600` | Get metric statistics |
| `aws cloudwatch describe-alarms` | List all alarms |
| `aws cloudwatch put-metric-alarm --alarm-name cpu-mon --alarm-description "Alarm when CPU exceeds 70%" --metric-name CPUUtilization --namespace AWS/EC2 --statistic Average --period 300 --evaluation-periods 2 --threshold 70.0 --comparison-operator GreaterThanThreshold` | Create alarm |

### Logs

| Command | Description |
| --- | --- |
| `aws logs describe-log-groups` | List log groups |
| `aws logs create-log-group --log-group-name my-log-group` | Create log group |
| `aws logs describe-log-streams --log-group-name my-log-group` | List log streams |
| `aws logs get-log-events --log-group-name my-log-group --log-stream-name my-log-stream` | Get log events |

## Best Practices

### Security

1. **Use IAM Roles**: Prefer IAM roles over access keys for EC2 instances
2. **Least Privilege**: Grant the minimum permissions required
3. **MFA**: Enable multi-factor authentication for sensitive operations
4. **Rotate Keys**: Rotate access keys and passwords regularly

### Cost Optimization

1. **Resource Tagging**: Tag all resources for cost tracking
2. Monitor and adjust instance sizes based on usage
3. **Reserved Instances**: Use Reserved Instances for predictable workloads
4. **Spot Instances**: Use Spot Instances for fault-tolerant workloads

### Automation

1. **CloudFormation**: Use Infrastructure as Code for reproducible deployments
2. **AWS CLI Scripts**: Automate repetitive tasks with shell scripts
3. **AWS SDK**: Use the AWS SDKs for application integration
4. **CI/CD**: Integrate AWS CLI into continuous integration pipelines