When your application is running on Cloud it becomes very important for you to know about managing your applications. Amazon provides many tools to manage AWS resources e.g. UI console, API (PHP, Java, Dot Net etc.), command line tools and so on. We prefer working on console but sometimes it becomes mandatory to access system through command line. One of such situation is when RDS is running out of space and you are not able to see the console.
To install command line API tool on Linux machine, we need to download API tool.
However, Amazon Linux already has that tool installed on ec2. Default location of amazon tool is
For Windows machine we require
- Java installed on the system
- Certificate file and Private file of AWS Account
- AWS SDK API
Download AWS SDK API from the following URL, following links may change, to get updated links goto http://aws.amazon.com and search required command line tool
For EC2 API: http://aws.amazon.com/developertools/351
Auto Scalling: http://aws.amazon.com/developertools/2535
Cloud Watch: http://aws.amazon.com/developertools/2534
Cloud Search: http://aws.amazon.com/developertools/4320728073503020
Once you have download e.g. for EC2
Extract zip file e.g.
Folder structure will be as follows
Download Java from the following link
After installation set the path and class path of jre
JAVA_HOME=<JRE / JDK PATH>
To check whether the path is set correctly, find out the version of Java using the following command:
To connect with Amazon API through command line we require X.509 certificate credentials. To get these credentials
- Login to AWS using Root account or account which has access to Security Credential page
Goto Account Activity page and select Security credential from the left panel
- Once you login-in with AWS, you will see three tabs of keys, select X.509 tab
You can create maximum two certificates, if you want to create certificate then you need to deactivate existing certificate and delete it.
Click on “Create a new Certificate”, it will show a popup window to download private file and certificate file.
Store both the keys in secure place
Set path for EC2_PRIVATE_KEY and EC2_CERT
Set EC2_HOME directory path, for EC2 API e.g. D:AWScliec2-api-tools
To verify command line you can try simple ec2 command ‘ec2-describe-regions’
For simplicity, you can create a batch file which runs above command and set path for command line tool.
For Linux machine you can set it using export
For more information you can set variables
- AWS_ACCOUNT_NUMBER: Account Id from Account Activity page. While using It in API, remove hyphens from Account number
- AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY: You will get it from Security Credential page
- Command line tool documentation links
- EC2 and AMI: http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/Welcome.html
- RDS: http://docs.aws.amazon.com/AmazonRDS/latest/CommandLineReference/Welcome.html
- IAM: http://docs.aws.amazon.com/IAM/latest/CLIReference/Welcome.html
- ElastiCache: http://docs.aws.amazon.com/AmazonElastiCache/latest/CommandLineReference/Welcome.html
- Other documentation links: http://aws.amazon.com/documentation/