AWS CLI & SDK – Automating AWS Like a Pro

Managing AWS via the web console is great for learning, but serious professionals use automation tools like the AWS Command Line Interface (CLI) and SDKs (Software Development Kits) to streamline workflows, deploy applications, and interact programmatically with AWS services.

🧑‍💻 What is AWS CLI?

AWS CLI is a unified tool to manage AWS services via terminal/command line. It supports all major services and can run commands from a local computer, a remote server, or a CI/CD pipeline.

📌 Ideal for automation, scripting, and DevOps tasks.

💻 Installing AWS CLI

✅ For Windows:

Download the .msi installer from the official AWS CLI page

✅ For macOS:

Bash

brew install awscli

brew install awscli

✅ For Linux:

Bash

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

🔐 Configuring AWS CLI

After installation, run:

Bash

aws configure

aws configure

You’ll be prompted to enter:

AWS Access Key ID
AWS Secret Access Key
Default Region (e.g., us-east-1)
Output Format (json, table, or text)

🔒 Tip: Never hard-code these keys in scripts. Use environment variables or IAM roles for security.

⚙️ AWS CLI Basics – Real Examples

✅ List all S3 buckets:

Bash

aws s3 ls

aws s3 ls

✅ Upload a file to S3:

Bash

aws s3 cp hello.txt s3://my-bucket-name/

aws s3 cp hello.txt s3://my-bucket-name/

✅ Launch an EC2 instance:

Bash

aws ec2 run-instances \
  --image-id ami-0abcdef1234567890 \
  --count 1 \
  --instance-type t2.micro \
  --key-name MyKeyPair \
  --security-groups MySecurityGroup

aws ec2 run-instances \
  --image-id ami-0abcdef1234567890 \
  --count 1 \
  --instance-type t2.micro \
  --key-name MyKeyPair \
  --security-groups MySecurityGroup

✅ Create a new IAM user:

Bash

aws iam create-user --user-name newadmin

aws iam create-user --user-name newadmin

📂 CLI Output Formats

Choose between:

json – best for parsing programmatically
table – human-readable
text – compact, script-friendly

Example:

Bash

aws ec2 describe-instances --output table

aws ec2 describe-instances --output table

🛡️ AWS CLI Profiles for Multi-Account Management

Use named profiles when working with multiple AWS accounts.

Bash

aws configure --profile prod-account

aws configure --profile prod-account

Call with:

Bash

aws s3 ls --profile prod-account

aws s3 ls --profile prod-account

🧰 AWS SDK – Write Code That Talks to AWS

The AWS SDK allows developers to integrate AWS directly into their applications using languages like Python, JavaScript, Java, PHP, and Go.

🔶 SDK for Python (Boto3)

✅ Installation:

Bash

pip install boto3

pip install boto3

✅ Basic S3 Upload:

Bash

import boto3

s3 = boto3.client('s3')
s3.upload_file('local.jpg', 'my-bucket', 'images/local.jpg')

import boto3

s3 = boto3.client('s3')
s3.upload_file('local.jpg', 'my-bucket', 'images/local.jpg')

✅ EC2 Instance Listing:

Bash

ec2 = boto3.client('ec2')
response = ec2.describe_instances()

for reservation in response['Reservations']:
    for instance in reservation['Instances']:
        print(instance['InstanceId'], instance['State']['Name'])

ec2 = boto3.client('ec2')
response = ec2.describe_instances()

for reservation in response['Reservations']:
    for instance in reservation['Instances']:
        print(instance['InstanceId'], instance['State']['Name'])

🟢 SDK for JavaScript (Node.js)

✅ Installation:

Bash

npm install aws-sdk

npm install aws-sdk

✅ Upload to S3:

JavaScript

const AWS = require('aws-sdk');
const fs = require('fs');

const s3 = new AWS.S3();

const uploadParams = {
  Bucket: 'my-bucket',
  Key: 'file.txt',
  Body: fs.createReadStream('file.txt'),
};

s3.upload(uploadParams, function(err, data) {
  if (err) console.log("Error", err);
  else console.log("Upload Success", data.Location);
});

const AWS = require('aws-sdk');
const fs = require('fs');

const s3 = new AWS.S3();

const uploadParams = {
  Bucket: 'my-bucket',
  Key: 'file.txt',
  Body: fs.createReadStream('file.txt'),
};

s3.upload(uploadParams, function(err, data) {
  if (err) console.log("Error", err);
  else console.log("Upload Success", data.Location);
});

When to Use CLI vs SDK?

Use Case	Best Tool
Automating deployments	AWS CLI, Bash
CI/CD pipelines	CLI or SDK
Application integrations	SDK
DevOps + Infrastructure as Code	CLI
Scripting & cron jobs	CLI

Real-World Scenarios

Scenario	Solution
Backup database to S3 every night	Cron job using CLI script
Upload user files via web form	SDK integration (Python, Node.js)
Auto-tagging resources	CLI or Lambda with SDK
Build infrastructure on commit	SDK in CodePipeline or CLI in GitHub Actions
Create dashboards based on usage	SDK + CloudWatch logs

🛡️ CLI & SDK Security Tips

Use IAM roles for EC2 or Lambda instead of hardcoding keys
Store credentials securely using AWS Secrets Manager
Rotate credentials regularly
Never commit .aws/credentials or .env files to GitHub
Use least privilege principle in IAM policies

📊 Monitoring and Troubleshooting

Use --debug flag to troubleshoot CLI commands
Enable CloudTrail to log all CLI and SDK calls
Monitor usage with CloudWatch Metrics

📌 Summary

Tool	Purpose	Use Case
AWS CLI	Command-line interaction with AWS	Scripts, automation, DevOps
AWS SDK	Integrate AWS in code applications	Web apps, integrations, functions
Boto3	AWS SDK for Python	ML, automation, analytics
aws-sdk	AWS SDK for JavaScript	Frontend/backend apps
Secure Use	Use IAM roles, Secrets Manager	Prevent leaks and misuse

📘 Continue to the Next Chapter

Elastic Load Balancing & Auto Scaling in AWS

Learn how to manage traffic distribution and scale applications automatically.

➡️