오늘은 AWS 서비스를 Command Line Interface로 구동하는 AWS CLI에 대해서 포스팅을 하도록 하겠다.
우선 AWS Command Line으로 검색하면 AWS 사이트가 확인된다.
해당 사이트로 접속을해서 왼쪽 메뉴중에
Install/Update를 클릭하여 AWS CLI를 설치하는 화면으로 넘어가도록 하자.
AWS CLI에 대한 간단 설명과 함께 하단에 OS에 따른 선택을 한다.
필자는 Windows를 사용하기 때문에, Windows를 선택한다.
중간에 위치한 AWSCLIV2.msi를 클릭하면 AWS CLI를 다운로드 받는다.
1. 번에 해당하는 명령어를 입력해도 설치는 가능하지만, 우리는 우선 msi 파일을 다운받아 실행시키도록 하자.
Next를 클릭하여 넘어가자.
동의하자.
이 단계에서도 별다른 선택을 하지는 않았었다.
Next를 눌러 넘어가자.
Install를 클릭하여 설치 하도록 하자.
설치를 완료한 다음에는 AWS가 잘 설치되어 있는지 확인이 필요하다.
2번의 명령어를 입력하여 설치한 AWS CLI의 버전이 뜨는지 확인한다.
AWS CLI가 잘 설치된것으로 확인되니 다음 단계로 넘어가자.
우리는 모두 Console을 이용한 AWS를 사용했었는데,
그건 우리의 계정 자체가 Console로 접근이 가능하여 그렇게 사용했던 것인데,
AWS CLI의 경우는 다른 유형의 사용자가 필요하다.
IAM으로 이동하자.
메뉴에서
Users를 클릭하여 User 화면으로 이동한다.
우측 상단에 위치한 Add User를 클릭하여 사용자를 추가하도록 하자.
User Name은 원하는 이름으로 작성하고,
하단에 Select AWS Access Type중에 Access key - Programmatic access를 클릭하여 해당 계정은 CLI로 사용할것임을 체크한다.
다음으로는 해당 계정에 어느정도 권한을 부여할지를 체크하는건데, 필자의 경우는 모든 권한을 다 부여하고 진행을 했다.
다음으로는 Tag를 등록하는 과정인데, 여기서는 Name에 해당하는 Tag만 입력하고 넘어갔다.
이제 생성하려는 계정에 대한 요약 화면인데, 해당 화면에서 내용을 모두 확인후 하단에 위치한 Create User 버튼을 클릭해서 계정을 생성하도록 하자.
생성한 user에 대한 정보인데, 여기서 Access key ID와 Secret access key는 추후에 꼭 필요하니 메모장에 적어 두도록 하자. 추가로 해당 계정에 대한 csv 파일도 다운받아 저장해 두자.
다음으로는 cmd창을 실행하여 AWS CLI에 해당 계정으로 설정을 한다.
AWS Access Key ID에 앞서 생성한 계정의 Access Key ID를 입력하고
AWS Secret Access Key에는 앞서 생성한 계정의 Secret access key를 입력한다.
다음으로 Default region name에 주로 사용한 region의 이름을 입력하자.
필자의 경우는 ap-northeast-2 즉 서울로 입력했다.
다음으로는 필자의 정보력이 부족하여 설명은 안되지만, json으로 입력하여 설정을 마무리 한다.
CMD창에서 AWS Command를 입력하면 뭐 Error이기 때문에 해당 Line을 출력하는것이긴 하지만, AWS CLI를 이용하여 사용 가능한 명령어들의 목록이 나열된다.
EC2와 관련된 명령어의 목록도 확인가능하다.
위와 같이 aws ec2 help를 클릭하여 ec2 명령어의 목록을 받을수 있는데,
모든 명령어는 아래와 같다. ec2 관련 명령어가 너무 많아서 확인된 명령어의 우측에는 설명을 공란으로 기록되어 있는곳은 아직 발굴하지 못한 미지의 세계임을 기억하자.
Available Commands
******************
* accept-reserved-instances-exchange-quote
* accept-transit-gateway-multicast-domain-associations
* accept-transit-gateway-peering-attachment
* accept-transit-gateway-vpc-attachment
* accept-vpc-endpoint-connections\
* accept-vpc-peering-connection
* advertise-byoip-cidr
* allocate-address
* allocate-hosts
* allocate-ipam-pool-cidr
* apply-security-groups-to-client-vpn-target-network
* assign-ipv6-addresses
* assign-private-ip-addresses
* associate-address
* associate-client-vpn-target-network
* associate-dhcp-options
* associate-enclave-certificate-iam-role
* associate-iam-instance-profile
* associate-instance-event-window
* associate-route-table
* associate-subnet-cidr-block
* associate-transit-gateway-multicast-domain
* associate-transit-gateway-policy-table
* associate-transit-gateway-route-table
* associate-trunk-interface
* associate-vpc-cidr-block
* attach-classic-link-vpc
* attach-internet-gateway
* attach-network-interface
* attach-volume
* attach-vpn-gateway
* authorize-client-vpn-ingress
* authorize-security-group-egress
* authorize-security-group-ingress
* bundle-instance
* cancel-bundle-task
* cancel-capacity-reservation
* cancel-capacity-reservation-fleets
* cancel-conversion-task
* cancel-export-task
* cancel-import-task
* cancel-reserved-instances-listing
* cancel-spot-fleet-requests
* cancel-spot-instance-requests
* confirm-product-instance
* copy-fpga-image
* copy-image - 이미지 복사하기
* copy-snapshot - Snap Shot 복사하기
* create-capacity-reservation
* create-capacity-reservation-fleet
* create-carrier-gateway
* create-client-vpn-endpoint
* create-client-vpn-route
* create-customer-gateway
* create-default-subnet - Default Subnet 생성하기
* create-default-vpc - Default VPC 생성하기
* create-dhcp-options
* create-egress-only-internet-gateway
* create-fleet
* create-flow-logs
* create-fpga-image
* create-image
* create-instance-event-window
* create-instance-export-task
* create-internet-gateway
* create-ipam
* create-ipam-pool
* create-ipam-scope
* create-key-pair - 키 페어 생성하기
* create-launch-template
* create-launch-template-version
* create-local-gateway-route
* create-local-gateway-route-table-vpc-association
* create-managed-prefix-list
* create-nat-gateway - NAT 게이트웨이 만들기
* create-network-acl - NACL 만들기
* create-network-acl-entry
* create-network-insights-access-scope
* create-network-insights-path
* create-network-interface
* create-network-interface-permission
* create-placement-group
* create-public-ipv4-pool
* create-replace-root-volume-task
* create-reserved-instances-listing
* create-restore-image-task
* create-route - Route 만들기
* create-route-table - Route Table 만들기
* create-security-group - 보안 그룹 만들기
* create-snapshot
* create-snapshots
* create-spot-datafeed-subscription
* create-store-image-task
* create-subnet
* create-subnet-cidr-reservation
* create-tags
* create-traffic-mirror-filter
* create-traffic-mirror-filter-rule
* create-traffic-mirror-session
* create-traffic-mirror-target
* create-transit-gateway
* create-transit-gateway-connect
* create-transit-gateway-connect-peer
* create-transit-gateway-multicast-domain
* create-transit-gateway-peering-attachment
* create-transit-gateway-policy-table
* create-transit-gateway-prefix-list-reference
* create-transit-gateway-route
* create-transit-gateway-route-table
* create-transit-gateway-route-table-announcement
* create-transit-gateway-vpc-attachment
* create-volume
* create-vpc
* create-vpc-endpoint
* create-vpc-endpoint-connection-notification
* create-vpc-endpoint-service-configuration
* create-vpc-peering-connection
* create-vpn-connection
* create-vpn-connection-route
* create-vpn-gateway
* delete-carrier-gateway
* delete-client-vpn-endpoint
* delete-client-vpn-route
* delete-customer-gateway
* delete-dhcp-options
* delete-egress-only-internet-gateway
* delete-fleets
* delete-flow-logs
* delete-fpga-image
* delete-instance-event-window
* delete-internet-gateway
* delete-ipam
* delete-ipam-pool
* delete-ipam-scope
* delete-key-pair
* delete-launch-template
* delete-launch-template-versions
* delete-local-gateway-route
* delete-local-gateway-route-table-vpc-association
* delete-managed-prefix-list
* delete-nat-gateway
* delete-network-acl
* delete-network-acl-entry
* delete-network-insights-access-scope
* delete-network-insights-access-scope-analysis
* delete-network-insights-analysis
* delete-network-insights-path
* delete-network-interface
* delete-network-interface-permission
* delete-placement-group
* delete-public-ipv4-pool
* delete-queued-reserved-instances
* delete-route
* delete-route-table
* delete-security-group
* delete-snapshot
* delete-spot-datafeed-subscription
* delete-subnet
* delete-subnet-cidr-reservation
* delete-tags
* delete-traffic-mirror-filter
* delete-traffic-mirror-filter-rule
* delete-traffic-mirror-session
* delete-traffic-mirror-target
* delete-transit-gateway
* delete-transit-gateway-connect
* delete-transit-gateway-connect-peer
* delete-transit-gateway-multicast-domain
* delete-transit-gateway-peering-attachment
* delete-transit-gateway-policy-table
* delete-transit-gateway-prefix-list-reference
* delete-transit-gateway-route
* delete-transit-gateway-route-table
* delete-transit-gateway-route-table-announcement
* delete-transit-gateway-vpc-attachment
* delete-volume
* delete-vpc
* delete-vpc-endpoint-connection-notifications
* delete-vpc-endpoint-service-configurations
* delete-vpc-endpoints
* delete-vpc-peering-connection
* delete-vpn-connection
* delete-vpn-connection-route
* delete-vpn-gateway
* deprovision-byoip-cidr
* deprovision-ipam-pool-cidr
* deprovision-public-ipv4-pool-cidr
* deregister-image
* deregister-instance-event-notification-attributes
* deregister-transit-gateway-multicast-group-members
* deregister-transit-gateway-multicast-group-sources
* describe-account-attributes
* describe-addresses
* describe-addresses-attribute
* describe-aggregate-id-format
* describe-availability-zones
* describe-bundle-tasks
* describe-byoip-cidrs
* describe-capacity-reservation-fleets
* describe-capacity-reservations
* describe-carrier-gateways
* describe-classic-link-instances
* describe-client-vpn-authorization-rules
* describe-client-vpn-connections
* describe-client-vpn-endpoints
* describe-client-vpn-routes
* describe-client-vpn-target-networks
* describe-coip-pools
* describe-conversion-tasks
* describe-customer-gateways
* describe-dhcp-options
* describe-egress-only-internet-gateways
* describe-elastic-gpus
* describe-export-image-tasks
* describe-export-tasks
* describe-fast-launch-images
* describe-fast-snapshot-restores
* describe-fleet-history
* describe-fleet-instances
* describe-fleets
* describe-flow-logs
* describe-fpga-image-attribute
* describe-fpga-images
* describe-host-reservation-offerings
* describe-host-reservations
* describe-hosts
* describe-iam-instance-profile-associations
* describe-id-format
* describe-identity-id-format
* describe-image-attribute
* describe-images
* describe-import-image-tasks
* describe-import-snapshot-tasks
* describe-instance-attribute
* describe-instance-credit-specifications
* describe-instance-event-notification-attributes
* describe-instance-event-windows
* describe-instance-status
* describe-instance-type-offerings
* describe-instance-types
* describe-instances
* describe-internet-gateways
* describe-ipam-pools
* describe-ipam-scopes
* describe-ipams
* describe-ipv6-pools
* describe-key-pairs
* describe-launch-template-versions
* describe-launch-templates
* describe-local-gateway-route-table-virtual-interface-group-
associations
* describe-local-gateway-route-table-vpc-associations
* describe-local-gateway-route-tables
* describe-local-gateway-virtual-interface-groups
* describe-local-gateway-virtual-interfaces
* describe-local-gateways
* describe-managed-prefix-lists
* describe-moving-addresses
* describe-nat-gateways
* describe-network-acls
* describe-network-insights-access-scope-analyses
* describe-network-insights-access-scopes
* describe-network-insights-analyses
* describe-network-insights-paths
* describe-network-interface-attribute
* describe-network-interface-permissions
* describe-network-interfaces
* describe-placement-groups
* describe-prefix-lists
* describe-principal-id-format
* describe-public-ipv4-pools
* describe-regions
* describe-replace-root-volume-tasks
* describe-reserved-instances
* describe-reserved-instances-listings
* describe-reserved-instances-modifications
* describe-reserved-instances-offerings
* describe-route-tables
* describe-scheduled-instance-availability
* describe-scheduled-instances
* describe-security-group-references
* describe-security-group-rules
* describe-security-groups
* describe-snapshot-attribute
* describe-snapshot-tier-status
* describe-snapshots
* describe-spot-datafeed-subscription
* describe-spot-fleet-instances
* describe-spot-fleet-request-history
* describe-spot-fleet-requests
* describe-spot-instance-requests
* describe-spot-price-history
* describe-stale-security-groups
* describe-store-image-tasks
* describe-subnets
* describe-tags
* describe-traffic-mirror-filters
* describe-traffic-mirror-sessions
* describe-traffic-mirror-targets
* describe-transit-gateway-attachments
* describe-transit-gateway-connect-peers
* describe-transit-gateway-connects
* describe-transit-gateway-multicast-domains
* describe-transit-gateway-peering-attachments
* describe-transit-gateway-policy-tables
* describe-transit-gateway-route-table-announcements
* describe-transit-gateway-route-tables
* describe-transit-gateway-vpc-attachments
* describe-transit-gateways
* describe-trunk-interface-associations
* describe-volume-attribute
* describe-volume-status
* describe-volumes
* describe-volumes-modifications
* describe-vpc-attribute
* describe-vpc-classic-link
* describe-vpc-classic-link-dns-support
* describe-vpc-endpoint-connection-notifications
* describe-vpc-endpoint-connections
* describe-vpc-endpoint-service-configurations
* describe-vpc-endpoint-service-permissions
* describe-vpc-endpoint-services
* describe-vpc-endpoints
* describe-vpc-peering-connections
* describe-vpcs
* describe-vpn-connections
* describe-vpn-gateways
* detach-classic-link-vpc
* detach-internet-gateway
* detach-network-interface
* detach-volume
* detach-vpn-gateway
* disable-ebs-encryption-by-default
* disable-fast-launch
* disable-fast-snapshot-restores
* disable-image-deprecation
* disable-ipam-organization-admin-account
* disable-serial-console-access
* disable-transit-gateway-route-table-propagation
* disable-vgw-route-propagation
* disable-vpc-classic-link
* disable-vpc-classic-link-dns-support
* disassociate-address
* disassociate-client-vpn-target-network
* disassociate-enclave-certificate-iam-role
* disassociate-iam-instance-profile
* disassociate-instance-event-window
* disassociate-route-table
* disassociate-subnet-cidr-block
* disassociate-transit-gateway-multicast-domain
* disassociate-transit-gateway-policy-table
* disassociate-transit-gateway-route-table
* disassociate-trunk-interface
* disassociate-vpc-cidr-block
* enable-ebs-encryption-by-default
* enable-fast-launch
* enable-fast-snapshot-restores
* enable-image-deprecation
* enable-ipam-organization-admin-account
* enable-serial-console-access
* enable-transit-gateway-route-table-propagation
* enable-vgw-route-propagation
* enable-volume-io
* enable-vpc-classic-link
* enable-vpc-classic-link-dns-support
* export-client-vpn-client-certificate-revocation-list
* export-client-vpn-client-configuration
* export-image
* export-transit-gateway-routes
* get-associated-enclave-certificate-iam-roles
* get-associated-ipv6-pool-cidrs
* get-capacity-reservation-usage
* get-coip-pool-usage
* get-console-output
* get-console-screenshot
* get-default-credit-specification
* get-ebs-default-kms-key-id
* get-ebs-encryption-by-default
* get-flow-logs-integration-template
* get-groups-for-capacity-reservation
* get-host-reservation-purchase-preview
* get-instance-types-from-instance-requirements
* get-instance-uefi-data
* get-ipam-address-history
* get-ipam-pool-allocations
* get-ipam-pool-cidrs
* get-ipam-resource-cidrs
* get-launch-template-data
* get-managed-prefix-list-associations
* get-managed-prefix-list-entries
* get-network-insights-access-scope-analysis-findings
* get-network-insights-access-scope-content
* get-password-data
* get-reserved-instances-exchange-quote
* get-serial-console-access-status
* get-spot-placement-scores
* get-subnet-cidr-reservations
* get-transit-gateway-attachment-propagations
* get-transit-gateway-multicast-domain-associations
* get-transit-gateway-policy-table-associations
* get-transit-gateway-policy-table-entries
* get-transit-gateway-prefix-list-references
* get-transit-gateway-route-table-associations
* get-transit-gateway-route-table-propagations
* get-vpn-connection-device-sample-configuration
* get-vpn-connection-device-types
* help
* import-client-vpn-client-certificate-revocation-list
* import-image
* import-key-pair
* import-snapshot
* list-images-in-recycle-bin
* list-snapshots-in-recycle-bin
* modify-address-attribute
* modify-availability-zone-group
* modify-capacity-reservation
* modify-capacity-reservation-fleet
* modify-client-vpn-endpoint
* modify-default-credit-specification
* modify-ebs-default-kms-key-id
* modify-fleet
* modify-fpga-image-attribute
* modify-hosts
* modify-id-format
* modify-identity-id-format
* modify-image-attribute
* modify-instance-attribute
* modify-instance-capacity-reservation-attributes
* modify-instance-credit-specification
* modify-instance-event-start-time
* modify-instance-event-window
* modify-instance-maintenance-options
* modify-instance-metadata-options
* modify-instance-placement
* modify-ipam
* modify-ipam-pool
* modify-ipam-resource-cidr
* modify-ipam-scope
* modify-launch-template
* modify-managed-prefix-list
* modify-network-interface-attribute
* modify-private-dns-name-options
* modify-reserved-instances
* modify-security-group-rules
* modify-snapshot-attribute
* modify-snapshot-tier
* modify-spot-fleet-request
* modify-subnet-attribute
* modify-traffic-mirror-filter-network-services
* modify-traffic-mirror-filter-rule
* modify-traffic-mirror-session
* modify-transit-gateway
* modify-transit-gateway-prefix-list-reference
* modify-transit-gateway-vpc-attachment
* modify-volume
* modify-volume-attribute
* modify-vpc-attribute
* modify-vpc-endpoint
* modify-vpc-endpoint-connection-notification
* modify-vpc-endpoint-service-configuration
* modify-vpc-endpoint-service-payer-responsibility
* modify-vpc-endpoint-service-permissions
* modify-vpc-peering-connection-options
* modify-vpc-tenancy
* modify-vpn-connection
* modify-vpn-connection-options
* modify-vpn-tunnel-certificate
* modify-vpn-tunnel-options
* monitor-instances
* move-address-to-vpc
* move-byoip-cidr-to-ipam
* provision-byoip-cidr
* provision-ipam-pool-cidr
* provision-public-ipv4-pool-cidr
* purchase-host-reservation
* purchase-reserved-instances-offering
* purchase-scheduled-instances
* reboot-instances
* register-image
* register-instance-event-notification-attributes
* register-transit-gateway-multicast-group-members
* register-transit-gateway-multicast-group-sources
* reject-transit-gateway-multicast-domain-associations
* reject-transit-gateway-peering-attachment
* reject-transit-gateway-vpc-attachment
* reject-vpc-endpoint-connections
* reject-vpc-peering-connection
* release-address
* release-hosts
* release-ipam-pool-allocation
* replace-iam-instance-profile-association
* replace-network-acl-association
* replace-network-acl-entry
* replace-route
* replace-route-table-association
* replace-transit-gateway-route
* report-instance-status
* request-spot-fleet
* request-spot-instances
* reset-address-attribute
* reset-ebs-default-kms-key-id
* reset-fpga-image-attribute
* reset-image-attribute
* reset-instance-attribute
* reset-network-interface-attribute
* reset-snapshot-attribute
* restore-address-to-classic
* restore-image-from-recycle-bin
* restore-managed-prefix-list-version
* restore-snapshot-from-recycle-bin
* restore-snapshot-tier
* revoke-client-vpn-ingress
* revoke-security-group-egress
* revoke-security-group-ingress
* run-instances
* run-scheduled-instances
* search-local-gateway-routes
* search-transit-gateway-multicast-groups
* search-transit-gateway-routes
* send-diagnostic-interrupt
* start-instances
* start-network-insights-access-scope-analysis
* start-network-insights-analysis
* start-vpc-endpoint-service-private-dns-verification
* stop-instances - 인스턴스 중지
* terminate-client-vpn-connections
* terminate-instances - 인스턴스 정지
* unassign-ipv6-addresses
* unassign-private-ip-addresses
* unmonitor-instances
* update-security-group-rule-descriptions-egress
* update-security-group-rule-descriptions-ingress
* wait
* withdraw-byoip-cidr
CLI를 사용한다면 어찌보면 간단하겠지만, 어찌보면 너무 어려운 영역인것으로 예상이 된다.
사용해보고 느낀 최대 단점은...
인스턴스 중지 및 종료를 하기 위해서는 해당 인스턴스의 ID를 기억하고 있어야 한다...
aws ec2 describe-instances 명령어를 입력하면 인스턴스의 목록이 아래와 같이 확인되는데,
여기에서 Instance ID를 다른곳에 기입을 해거나, 그대로 복사해서 명령어에 입력하는 방법으로 활용은 할수 있다.
아래와 같이 aws ec2 terminate-instances --instance-ids 뒤에 인스턴스 ID를 입력하면 종료 명령어가 실행된다.
추가로 인스턴스 중지의 경우는 aws ec2 stop-instances --instance-ids 뒤에 인스턴스 ID를 입력하면 중지된다.
'[AWS] > STUDY' 카테고리의 다른 글
| [AWS] Route53이란 (0) | 2022.08.12 |
|---|---|
| [AWS] Cloud Front의 정의 (0) | 2022.08.12 |
| [AWS] 리눅스 파일 시스템 (0) | 2022.08.12 |
| [AWS][Lex][Lambda] 1. Lex와 날씨 API (0) | 2022.08.01 |
| [AWS][초급] Lambda 더하기 테스트 (0) | 2022.07.26 |
| [AWS] Data Link and Migration (0) | 2022.07.20 |
| [AWS] Serverless 환경 (0) | 2022.07.08 |
| [AWS] Scale Down (0) | 2022.07.06 |
댓글