How to use Amazon EC2 command line interface?

linux command-line-interface amazon-ec2

The AWS command-line tools use private keys and certificates to establish your identity, just like the AWS web service APIs do. So you have to pass your private key or certificate with each command. (On a related note, you don't need to connect to an EC2 instance to run the commands. You can run them from any machine with the tools installed and an internet connection.)

It's usually easiest to create a script that sets the private key and certificate in EC2_PRIVATE_KEY and EC2_CERT environment variables. That way, you don't have to specify them explicitly via command-line options each time.

See the documentation below (especially the --private-key and --cert options) for more information. Common Options for API Tools

And as always, be careful not to share your private keys and certificates any more broadly than necessary.


Follow the steps to generate private-key and certificate for your AWS account.

Generating Your Aws Private Key & Certificate File

You have two choices:

1.You can export these keys (make sure it is in your bashrc file) and execute the EC2 commands

export EC2_PRIVATE_KEY=$HOME/<where your private key is>/pk-XXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem
export EC2_CERT=$HOME/<where your certificate is>/cert-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem
ec2-describe-images ami-12345abc

2.Give the path of private key & certificate file when you execute AWS in CLI

ec2-describe-images \
-C <path-to-certificate-file>/cert-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem \
-K <path-to-private-key>/pk-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.pem ami-12345abc

I would suggest to choose option 2, since it always make me remember those important files.


The easiest way to provide your access keys to the Amazon EC2 CLI is to set the AWS_ACCESS_KEY and AWS_SECRET_KEY environment variables. First, add the following lines to ~/.bashrc and save the file.

export AWS_ACCESS_KEY=your-aws-access-key-id

export AWS_SECRET_KEY=your-aws-secret-key

After you've updated ~/.bashrc, run the following command:

source ~/.bashrc

To verify that your CLI tools are set up correctly, run the following command:

ec2-describe-regions

Source: http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/set-up-ec2-cli-linux.html

Related

Ubuntu raid - replacing drive?
HP dl170 g6 and LO100 (iLO) - Can't boot from virtual media
What might increase delay of ssh connection?
What is the locations of the registry files in Windows 2008 R2
How to view linux kernel logs live?
CentOS 6 in production
Is it possible to create an internal SSL certificate with Subject Alternative Names
Best error code for 'generic error'
5 second resolving delay
Stop DHCP client from receiving old IP address on new VLAN
When setting up OpenLDAP for the first time, what are some things to keep in mind?
BackupPc fails with SIGPIPE