How-To

Getting to Know the Basic AWS CLI Command Syntax

Although similar to PowerShell, the AWS command structure does have its own nuances.

• By Brien Posey
• 06/25/2018

One of the nice things about the Amazon Web Services (AWS) environment is that it includes a GUI that's sufficient for performing most administrative tasks. Even so, most administrators eventually have to delve into the command line, especially if they're performing bulk operations. As such, it's important to have at least a basic understanding of how the AWS Command Line Interface (AWS CLI) syntax works. In this article, I want to introduce you to the way that commands are structured.

The first thing you need to understand about AWS CLI is that it's designed to provide a semi-consistent experience across OSes. Amazon knows that some administrators work from Windows machines, while others might use Linux or Mac. As such, it wanted to create a management interface that would support the same commands regardless of OS. This approach has its good points, but it also has its bad points.

The good points are obvious. Amazon created a mostly consistent management tool. I say mostly consistent, because there are minor differences between one OS and the next. Windows might require you to enclose a value between apostrophes, for example, while Linux uses quotation marks. Aside from these types of OS-level nuances, the command-line experience is very similar from one platform to the next.

The disadvantage to having a consistent management experience across OSes is that the command structure isn't native. In Windows, for example, AWS CLI commands are exposed through PowerShell, but AWS CLI doesn't adhere to the normal PowerShell cmdlet structure.

PowerShell cmdlets are normally made up of verb-noun combinations. In the Get-Help cmdlet, for example, Get is the verb, and Help is the noun. The verb and the noun are separated by a dash. All PowerShell cmdlets are structured in this way. You might have seen cmdlets such as select or FL that seem to defy this convention, but these are actually aliases. Select is an alias for the Select-Object cmdlet, and FL is an alias for Format-List. So with that said, let's talk about AWS CLI commands and the way that they're exposed through PowerShell.

Once you install AWS CLI, PowerShell continues to support all of the native PowerShell cmdlets, but it also supports AWS cmdlets. The way you can differentiate between the two is that all AWS-related commands start with AWS. The AWS command is then followed by the name of the AWS service to which the command pertains. If, for example, you wanted to direct a command at AWS EC2, then the first part of the command would be:

AWS EC2

This tells PowerShell that the command isn't intended to be executed against the local Windows OS, but rather against the AWS cloud, and that whatever comes next is to be directed at the EC2 service.

The next part of the command syntax describes the management action that's to be performed against the specified AWS service. Each of the AWS services kind of has its own way of doing things, but in most cases the service-level command that's used resembles native PowerShell in that it's made up of a verb and a noun, which are separated by a dash. Let me give you an example.

As I'm sure you probably know, the service that Amazon uses for user account management (outside of the Directory Service) is called Amazon IAM (IAM is an acronym for Identity and Access Management). With that said, let's pretend you wanted to see all of the user accounts that had been set up within your AWS subscription. Because we're working in PowerShell the first thing we have to do is issue the AWS command to redirect the rest of the command to the AWS cloud. Next, we have to provide the name of the AWS service that we want to use, which in this case is IAM. Finally, we can use a PowerShell-like command to specify what it is that we want to do. In this case, the command is List-Users. This portion of the command might look like this:

AWS IAM List-Users

In many cases, there are going to be additional parameters that you need to provide. The syntax for doing so can vary, but it's common for a parameter to be preceded by two dashes. If you wanted the List-Users command's output to be displayed in table format, for example, you could specify two dashes, the word output, and the word table. The command in its entirety looks like this:

AWS IAM List-Users --Output Table

So as you can see, the AWS command structure really isn't all that different from PowerShell, but there are some AWS-specific nuances to which you'll have to adhere.