Now that awscli v2 is in @fedora, there's an upcoming change to remove the v1 version. 📦 ☁️

#aws #awscli #python #fedora

https://pagure.io/fesco/issue/3006

Nice! awscli v2 is on its way to @fedora now! The package is called `awscli2`. 🎉 🎉 🎉 🎉 🎉

Lots of people pitched in for this effort and it's finally here.

#aws #cloud #fedora #awscli #python

So, #AWS #cloudformation vs #AWSCLI. Looks to be ending up the same as Azure #ARM vs #AzureCLI. If you already have the template, and deploy it once, it is good. But developing CLI scripts is quicker (debug one step at a time, rather than all at once). And templates run into the same dead ends: e.g. decides it needs to recreate the entire subnet, so it attempts to, but runs into an IP address conflict with the existing one, and the whole thing stops. There are things/changes that declarative approaches just can't do, and you need to use migrations (CLI scripts).

Use the AWS CLI? Get powered up with custom aliases and subcommands.

https://gist.github.com/earchibald-lv/f2a165c832f1f455061af74cfa8127b4

#aws #awsCli #awsCliAliases #awsCliCustomSubcommands

I'm a few months late noticing, but I'm glad to see that the aws-cli has added the ability to display the current credentials, or credentials for a specific config profile.

aws configure export-credentials

Using options, the results can be formatted as environment variables for eval and use by other tools.

I think this is especially useful if the config profile assumes a (cross-account) role, or you are using `aws sso login`.

https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configure/export-credentials.html

#aws #awsCLI #security

Okay so now I want to migrate from my #minio service to something like #digitalocean or #wasabi. Has anyone successfully mirrored from a Minio Object Store to another Object store? I attempted to sync using #awscli from my minio to DO and it keeps throwing "NoSuchKey" when I attempt to switch. Not sure what is going on. Everything looks identical as far as the data is concerned, but it's not working as expected (I guess... I'm new to s3 object stores). Any ideas?

When you are logged into the website, on the top right, chose "Security Credentials". Depending on permissions you can reset the password, get a new awscli key or reset the MFA device.
#aws #cloud #cloudhacking #awscli #hacking #infosec #cybersecurity #cloudsecurity #awssecurity

Let's do something "creative":

Where can you get AWS credentials from?

Add a new vector or give more details for an answer that's already there, e.g. (1) IMDS (2) Instance Metadata Service v1 creds directly from 169.254.169.254/latest/meta-data/iam/security-credentials/<role-name>
#aws #cloud #cloudhacking #awscli #hacking

AWS CLI: S3 Commands

https://docs.aws.amazon.com/cli/latest/userguide/cli-services-s3-commands.html

#documentation #aws #AWSCli #S3 #invalidation

AWS CLI: Create CloudFront Invalidation

https://docs.aws.amazon.com/cli/latest/reference/cloudfront/create-invalidation.html

#documentation #aws #AWSCli #Cloudfront #invalidation

Bonus:

Allow defaults for the parameter values in the config file, as in:

role_arn=arn:aws:iam::{{acct=123456789012}}:role/{{role=readonly}}

#aws #awsWishlist #awscli

I want to be able to set up an aws-cli config profile that includes parameter substitutions, and then specify the values for those parameters with command line options.

The command line could be:

aws s3 ls \
--profile assumewithmfa \
--param acct=123456789012 \
--param role=s3-readonly

and the config:

[profile assumewithmfa]
source_profile=user-main
role_arn = arn:aws:iam::{{acct}}:role/{{role}}
mfa_serial=arn:aws:iam::987654321098:mfa/user
region=us-east-1

#awsWishlist #aws #awscli

Never change a running system...until you have to #ecsli #awscli

@raoul
`aws s3 sync` is built on boto, but adds extra logic like adding in a content-type attribute, which is critical for static website hosting in S3.

I had this all working on my python2.6 AWS Lambda function which team for years, but when I upgraded to Python 3.9 it broke calling the `aws` included in the ZIP file.

I may be able to figure out how to fix it, but was hoping the intervening years had brought about a more standard aws-cli in Lambda.

#aws #lambda #awscli

I'm working to upgrade some old AWS Lambda functions, and have a question:

Does the AWS Lambda environment for Python 3.9 include the aws-cli anywhere?

If not, are there any modern instructions on the best way to include the aws-cli in a Lambda function?

I'm hoping the word "layer" is not in the answer, but I'll look at that if I must.

#aws #lambda #awscli

Installing the AWS CLI

https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html

#tips #docs #AWSCli #installation #bookmarked