A quick reference for the AWS CLI (v2). Covers EC2, S3, IAM, Lambda, CloudFormation, and common flags for day-to-day cloud operations.
EC2
| Command | Description |
|---|---|
| aws ec2 describe-instances | List all EC2 instances |
| aws ec2 run-instances --image-id ami-xxx --instance-type t3.micro | Launch an instance |
| aws ec2 start-instances --instance-ids i-xxx | Start a stopped instance |
| aws ec2 stop-instances --instance-ids i-xxx | Stop a running instance |
| aws ec2 terminate-instances --instance-ids i-xxx | Terminate an instance |
| aws ec2 describe-security-groups | List security groups |
| aws ec2 create-key-pair --key-name mykey | Create an SSH key pair |
| aws ec2 describe-vpcs | List VPCs |
S3
| Command | Description |
|---|---|
| aws s3 ls | List all buckets |
| aws s3 ls s3://bucket/prefix/ | List objects in bucket prefix |
| aws s3 cp file.txt s3://bucket/ | Upload file to S3 |
| aws s3 cp s3://bucket/file.txt . | Download file from S3 |
| aws s3 sync ./dir s3://bucket/dir | Sync local directory to S3 |
| aws s3 mb s3://new-bucket | Create a new bucket |
| aws s3 rb s3://bucket --force | Delete bucket and all objects |
| aws s3 presign s3://bucket/key --expires-in 3600 | Generate pre-signed URL (1hr) |
IAM
| Command | Description |
|---|---|
| aws iam create-user --user-name dev | Create IAM user |
| aws iam list-users | List all IAM users |
| aws iam create-access-key --user-name dev | Create access key for user |
| aws iam attach-user-policy --user-name dev --policy-arn arn:... | Attach policy to user |
| aws iam list-attached-user-policies --user-name dev | List user policies |
| aws iam create-role --role-name myrole --assume-role-policy-document file://trust.json | Create IAM role |
| aws sts get-caller-identity | Show current IAM identity |
| aws iam delete-user --user-name dev | Delete IAM user |
Lambda
| Command | Description |
|---|---|
| aws lambda list-functions | List all Lambda functions |
| aws lambda invoke --function-name myfn out.json | Invoke a function |
| aws lambda create-function --function-name myfn --runtime nodejs20.x --handler index.handler --zip-file fileb://fn.zip --role arn:... | Create a function |
| aws lambda update-function-code --function-name myfn --zip-file fileb://fn.zip | Update function code |
| aws lambda get-function --function-name myfn | Get function configuration |
| aws lambda delete-function --function-name myfn | Delete a function |
| aws logs tail /aws/lambda/myfn --follow | Tail function logs |
CloudFormation
| Command | Description |
|---|---|
| aws cloudformation deploy --template-file tpl.yaml --stack-name mystack | Deploy or update a stack |
| aws cloudformation describe-stacks --stack-name mystack | Describe a stack |
| aws cloudformation list-stacks | List all stacks |
| aws cloudformation describe-stack-events --stack-name mystack | Show stack events |
| aws cloudformation delete-stack --stack-name mystack | Delete a stack |
| aws cloudformation validate-template --template-body file://tpl.yaml | Validate a template |
Common Flags
| Flag | Description |
|---|---|
| --region us-east-1 | Override default AWS region |
| --profile staging | Use a named CLI profile |
| --output json | table | text | Set output format |
| --query "Reservations[].Instances[]" | JMESPath query to filter output |
| --dry-run | Validate permissions without executing |
| --no-paginate | Disable automatic pagination |
| --cli-auto-prompt | Enable interactive auto-prompt |
Configuration
| Command | Description |
|---|---|
| aws configure | Set up credentials interactively |
| aws configure list | Show current configuration |
| aws configure set region us-west-2 | Set a specific config value |
| aws configure list-profiles | List all configured profiles |
| export AWS_PROFILE=staging | Switch profile via environment |
| export AWS_DEFAULT_REGION=eu-west-1 | Set region via environment |