Using PowerShell for managing AWS resources: Difference between revisions

From PUBLIC-WIKI
Jump to navigation Jump to search
← Older editNewer edit →
Eyales (talk | contribs)
404 edits
No edit summary
Eyales (talk | contribs)
404 edits
No edit summary
Line 97: Line 97:
: Example:
: Example:
: '''New-EC2VPC -CidrBlock 10.0.0.0/16 -Region us-east-1 -ProfileName MyProfile'''
: '''New-EC2VPC -CidrBlock 10.0.0.0/16 -Region us-east-1 -ProfileName MyProfile'''
== Subnet related commands ==
* List all available subnets inside a specific region:
: '''Get-EC2Subnet -Region <Region_Name> -ProfileName <Profile_Name>'''
: Note 1: Replace '''<Region_Name>''' with the target region, from the list below:
: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
: Note 2: Replace '''<Profile_Name>''' with your own profile name
: Example:
: '''Get-EC2Subnet -Region us-east-1 -ProfileName MyProfile'''
* Get information about specific subnet:
: '''Get-EC2Subnet -SubnetId <Subnet_ID> -Region <Region_Name> -ProfileName <Profile_Name>'''
: Note 1: The above command should be written in a single line
: Note 2: Replace '''<Subnet_ID>''' with the relevant value
: Note 3: Replace '''<Region_Name>''' with the target region, from the list below:
: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
: Note 4: Replace '''<Profile_Name>''' with your own profile name
: Example:
: '''Get-EC2Subnet -SubnetId subnet-101ad84c -Region us-east-1 -ProfileName MyProfile'''
== Security Group related commands ==
* List all security groups in a specific region:
: '''Get-EC2SecurityGroup -Region <Region_Name> -ProfileName <Profile_Name>'''
: Note 1: Replace '''<Region_Name>''' with the target region, from the list below:
: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
: Note 2: Replace '''<Profile_Name>''' with your own profile name
: Example:
: '''Get-EC2SecurityGroup -Region us-east-1 -ProfileName MyProfile'''
* Create a new security group inside a specific VPC:
: '''$groupid = New-EC2SecurityGroup -VpcId <VPC_Name> -GroupName <Security_Group_Name> -GroupDescription <Group_Description> -Region <Region_Name> -ProfileName <Profile_Name>'''
: Note 1: The above command should be written a single line
: Note 2: Replace '''<VPC_Name>''' with the relevant value
: Note 3: Replace '''<Security_Group_Name>''' with a unique value (up to 255 characters), as mentioned below:
: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
: Note 4: Replace '''<Group Description>''' with relevant value, as mentioned below:
: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
: Note 5: Replace '''<Region_Name>''' with the target region, from the list below:
: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
: Note 6: Replace '''<Profile_Name>''' with your own profile name
: Example:
: '''$groupid = New-EC2SecurityGroup -VpcId "vpc-64c0c61f" -GroupName "myPSSecurityGroup" -GroupDescription "EC2-VPC from PowerShell" -Region us-east-1 -ProfileName cliuser'''
Reference:
:* Create and view EC2 security groups with PowerShell
: https://4sysops.com/archives/create-and-view-ec2-security-groups-with-powershell/

Revision as of 09:36, 10 March 2019

How to configure PowerShell for managing AWS resources (Windows platform)

  • Login to the machine using privileged account.
  • From command prompt, run the command below to invoke PowerShell:
powershell
Note: You need to run cmd.exe or PowerShell.exe as administrator.
  • Run the command below to find out the current PowerShell version:
$PSVersionTable.PSVersion
  • In-case you currently have version older than 5.1, follow the article below to locate the download URL for upgrading to the latest version of PowerShell:
https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-windows-powershell?view=powershell-6
Also, review the article below for PowerShell installation pre-requirements:
https://docs.microsoft.com/en-us/powershell/scripting/setup/windows-powershell-system-requirements?view=powershell-5.1
  • Run the below command to check if you have PowerShellGet installed on your system:
Get-Module PowerShellGet -list | Select-Object Name,Version,Path
  • In-case you don’t have PowerShellGet, run the commands below:
Install-PackageProvider Nuget –Force
Install-Module -Name PowerShellGet –Force
For more information about installation or upgrade of PowerShellGet, see:
https://docs.microsoft.com/en-us/powershell/gallery/installing-psget
  • Run the command below to install AWS tools for PowerShell core:
Install-Module -Name AWSPowerShell.NetCore -AllowClobber -Force
  • Run the command below to import the AWS PowerShell module:
Import-Module AWSPowerShell
  • Run the command below to update to the latest AWS PowerShell module:
Update-Module -Name AWSPowerShell.NetCore -Force
  • To view the installed versions of AWS PowerShell module, run the command below:
Get-Module -Name AWSPowerShell -List | select Name,Version
Get-Module -Name AWSPowerShell.NetCore -List | select Name,Version
  • To view the list of AWS services supported by the Tools for PowerShell, run the command below:
Get-AWSPowerShellVersion -ListServiceVersionInfo

How to configure PowerShell for managing Azure resources (CentOS platform)

  • Login to the machine using privileged account.
  • Run the command below to register the RedHat repository:
curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum.repos.d/microsoft.repo
Note: The above command should be written in a single line
  • Run the command below to install PowerShell:
sudo yum install -y powershell
  • From command prompt, run the command below to invoke PowerShell:
sudo pwsh
  • Run the command below to find out the current PowerShell version:
$PSVersionTable.PSVersion
  • Run the below command to check if you have PowerShellGet installed on your system:
Get-Module PowerShellGet -list | Select-Object Name,Version,Path
  • In-case you don’t have PowerShellGet, run the commands below:
Install-Module -Name PowerShellGet –Force
For more information about installation or upgrade of PowerShellGet, see:
https://docs.microsoft.com/en-us/powershell/gallery/installing-psget
  • Run the command below to install AWS tools for PowerShell core:
Install-Module -Name AWSPowerShell.NetCore -AllowClobber -Force
  • Run the command below to update to the latest AWS PowerShell module:
Update-Module -Name AWSPowerShell.NetCore -Force
  • To view the installed versions of AWS PowerShell module, run the command below:
Get-Module -Name AWSPowerShell.NetCore -List | select Name,Version
  • To view the list of AWS services supported by the Tools for PowerShell, run the command below:
Get-AWSPowerShellVersion -ListServiceVersionInfo

How to configure AWS Account and Access Keys

  • Login to the IAM Console:
https://console.aws.amazon.com/iam/
  • From the left pane, click on Users -> click on “Add user” -> specify the user name -> access type: “Programmatic access” -> do not select “AWS Management Console access” -> click “Next: Permissions”
  • From the “add user to group”, either select existing group or click on “Create group” -> click “Next: Review” -> click on “Create user”
  • Download the CSV file with the “Access key ID” and “Secret access key” and save the CSV file in a secure location
  • Click Close

Managing Profiles

  • Login to the machine using privileged account.
  • From command prompt, run the command below to invoke PowerShell (Windows platform)
powershell
  • From command prompt, run the command below to invoke PowerShell (CentOS platform)
sudo pwsh
  • Run the command below to add a new profile:
Set-AWSCredential -AccessKey <AWS_Access_Key> -SecretKey <AWS_Secret_Key> -StoreAs <Profile_Name>
Note 1: Replace <AWS_Access_Key> with the relevant value from the CSV file created above.
Note 2: Replace <AWS_Secret_Key> with the relevant value from the CSV file created above.
Note 3: Replace <Profile_Name> with your own profile name
  • List all available profiles:
Get-AWSCredential -ListProfileDetail

Reference:

  • List all available VPC’s in a specific region:
Get-EC2VPC -Region <Region_Name> -ProfileName <Profile_Name>
Note 1: Replace <Region_Name> with the target region, from the list below:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
Note 2: Replace <Profile_Name> with your own profile name
Example:
Get-EC2VPC -Region us-east-1 -ProfileName MyProfile
  • Create a new VPC inside a specific region:
New-EC2VPC -CidrBlock <CIDR_Block> -Region <Region_Name> -ProfileName <Profile_Name>
Note 1: The above command should be written in a single line
Note 2: Replace <CIDR_Block> with the IPv4 network range for the VPC, in CIDR notation. For example, 10.0.0.0/16.
Note 2: Replace <Region_Name> with the target region, from the list below:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
Note 3: Replace <Profile_Name> with your own profile name
Example:
New-EC2VPC -CidrBlock 10.0.0.0/16 -Region us-east-1 -ProfileName MyProfile
  • List all available subnets inside a specific region:
Get-EC2Subnet -Region <Region_Name> -ProfileName <Profile_Name>
Note 1: Replace <Region_Name> with the target region, from the list below:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
Note 2: Replace <Profile_Name> with your own profile name
Example:
Get-EC2Subnet -Region us-east-1 -ProfileName MyProfile
  • Get information about specific subnet:
Get-EC2Subnet -SubnetId <Subnet_ID> -Region <Region_Name> -ProfileName <Profile_Name>
Note 1: The above command should be written in a single line
Note 2: Replace <Subnet_ID> with the relevant value
Note 3: Replace <Region_Name> with the target region, from the list below:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
Note 4: Replace <Profile_Name> with your own profile name
Example:
Get-EC2Subnet -SubnetId subnet-101ad84c -Region us-east-1 -ProfileName MyProfile
  • List all security groups in a specific region:
Get-EC2SecurityGroup -Region <Region_Name> -ProfileName <Profile_Name>
Note 1: Replace <Region_Name> with the target region, from the list below:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
Note 2: Replace <Profile_Name> with your own profile name
Example:
Get-EC2SecurityGroup -Region us-east-1 -ProfileName MyProfile
  • Create a new security group inside a specific VPC:
$groupid = New-EC2SecurityGroup -VpcId <VPC_Name> -GroupName <Security_Group_Name> -GroupDescription <Group_Description> -Region <Region_Name> -ProfileName <Profile_Name>
Note 1: The above command should be written a single line
Note 2: Replace <VPC_Name> with the relevant value
Note 3: Replace <Security_Group_Name> with a unique value (up to 255 characters), as mentioned below:
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Note 4: Replace <Group Description> with relevant value, as mentioned below:
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html
Note 5: Replace <Region_Name> with the target region, from the list below:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
Note 6: Replace <Profile_Name> with your own profile name
Example:
$groupid = New-EC2SecurityGroup -VpcId "vpc-64c0c61f" -GroupName "myPSSecurityGroup" -GroupDescription "EC2-VPC from PowerShell" -Region us-east-1 -ProfileName cliuser

Reference:

  • Create and view EC2 security groups with PowerShell
https://4sysops.com/archives/create-and-view-ec2-security-groups-with-powershell/
Retrieved from "http://public-wiki.iucc.ac.il/index.php?title=Using_PowerShell_for_managing_AWS_resources&oldid=846"