AWS

https://github.com/donnemartin/awesome-aws

aws certification:

  • Foundational: 6个月经验. Cloud Practitioner Foundational(CLF).
  • Associate: 一年经验. Solutions Architect Associate(SAA); Developer, SysOps Administrator
  • Professional: 两年经验. Solutions Architect Professional(SAP), Devops Engineer.
  • Specialty: 特殊领域.

SDK

python

https://github.com/boto/boto3

golang

https://github.com/aws/aws-sdk-go

javascript

https://github.com/aws/aws-sdk-js


AWS Management Console

通过webUI管理资源.


AWS Command Line Interface

https://github.com/aws/aws-cli

https://github.com/awslabs/aws-shell

安装awscli-v1:

$ pip install awscli

推荐使用awscli-V2:

https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html

使用:

aws [-h] [--profile PROFILE] [--debug]

option:

-h, --help
--profile PROFILE
--debug

CLI credentials

配置文件:

// linux
~/.aws/credentials 

// windows
%USERPROFILE%\.aws\credentials

// 默认账号配置
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

// 指定用户配置
[canux]
aws_access_key_id=AKIAI44QH8DHBEXAMPLE
aws_secret_access_key=je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY

优先级:

  1. 命令行选项
  2. credentials文件
  3. config文件
  4. 容器凭证
  5. 实例配置文件凭证
  • CLI

      // 配置default
      $aws configure
      AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
      AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
      Default region name [None]: us-west-2
      Default output format [None]: json/yaml/text/table/yaml-stream
    
      // 配置指定用户
      $aws configure --profile canux
    
      // 查看配置
      $aws configure  list
      $aws configure --profile canux list
    
      // 命令行选项指定配置文件
      $aws --profile canux ...
      // 环境变量指定配置文件
      export AWS_PROFILE=canux
      setx AWS_PROFILE canux
      $aws ...
    
  • Environment variable

      export AWS_ACCESS_KEY_ID="id"
      export AWS_SECRET_ACCESS_KEY="key"
      export AWS_SESSION_TOKEN="token"
    
  • Shared credentials file

      $vi ~/.aws/credentials 
      [default]
      aws_access_key_id=id
      aws_secret_access_key=key
      aws_session_token=token
    
  • Config file

      $vi ~/.aws/config
      [default]
      aws_access_key_id=id
      aws_secret_access_key=key
      aws_session_token=token
    
  • IAM role

how to check:

$aws sts get-caller-identity

services

iam
ec2
sts