Cloud

AWS

AWS

https://github.com/donnemartin/awesome-aws

aws certification:

  • Foundational: 6个月经验. Cloud Practitioner Foundational(CLF).
  • Associate: 一年经验. Solutions Architect Associate(SAA); Developer, SysOps Administrator
  • Professional: 两年经验. Solutions Architect Professional(SAP), Devops Engineer.
  • Specialty: 特殊领域.

SDK

python

https://github.com/boto/boto3

golang

https://github.com/aws/aws-sdk-go

AWS Management Console

通过webUI管理资源. kkkkjjkijijijkkjddkkkkjj

AWS Command Line Interface

https://github.com/aws/aws-cli

https://github.com/awslabs/aws-shell

推荐使用awscli-V2:

https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html

使用:

aws [-h] [--profile PROFILE] [--debug]

option:

-h, --help
--profile PROFILE
--debug

comand option:

aws <service> <subcommand> help

CLI credentials

优先级:

  1. 命令行选项
  2. credentials文件
  3. config文件
  4. 容器凭证
  5. 实例配置文件凭证
  • CLI

配置default profile

$aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json/yaml/text/table/yaml-stream

// 配置指定用户
$aws configure --profile canux

// 查看配置
$aws configure  list
$aws configure --profile canux list

命令行选项指定配置文件

$aws --profile canux ...

环境变量指定配置文件

export AWS_PROFILE=canux
export AWS_DEFAULT_PROFILE=canux
  • Shared credentials file

文件配置

// windows
%USERPROFILE%\.aws\credentials

// linux
~/.aws/credentials 

// 默认账号配置
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

// 指定用户配置
[canux]
aws_access_key_id=AKIAI44QH8DHBEXAMPLE
aws_secret_access_key=je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY

通过环境变量配置

export AWS_ACCESS_KEY_ID="id"
export AWS_SECRET_ACCESS_KEY="key"
export AWS_SESSION_TOKEN="token"
  • Config file

配置文件

// linux
~/.aws/config

[default]
region = eu-west-1
output = yaml

[profile pro]
sso_start_url = https://lz.awsapps.com/start
sso_region = eu-west-1
sso_role_name = ProjAdmins
sso_account_id = 123404000510
region = us-west-2
output = json

// windows
%USERPROFILE%\.aws\config
  • IAM role

how to check:

$aws sts get-caller-identity --profile pro

services

iam
ec2
sts
eks

aws eks describe-addon-versions --addon-name aws-ebs-csi-driver
© 2013 - 2024 Morgoth
Designed by Canux