Click any command to expand the explanation and examples.
🔧 Setup & Config
aws configure setup
# Interactive setup aws configureSet specific profile
aws configure —profile staging
Check current identity
aws sts get-caller-identity
Use a profile
aws s3 ls —profile staging export AWS_PROFILE=staging # Set for entire session
Check current region
aws configure get region
Output formats setup
# Set default output format aws configure set output jsonOverride per command
aws ec2 describe-instances —output table aws ec2 describe-instances —output text aws ec2 describe-instances —output yaml
Filter with —query (JMESPath)
aws ec2 describe-instances —query ‘Reservations[].Instances[].InstanceId’
📦 S3 — Storage
aws s3 — high-level commands s3
# List buckets aws s3 lsList objects in bucket
aws s3 ls s3://my-bucket/ aws s3 ls s3://my-bucket/folder/ —recursive
Copy files
aws s3 cp file.txt s3://my-bucket/ aws s3 cp s3://my-bucket/file.txt ./ aws s3 cp s3://bucket-a/ s3://bucket-b/ —recursive
Sync (like rsync)
aws s3 sync ./dist s3://my-bucket/ —delete aws s3 sync s3://my-bucket/ ./backup/
Remove
aws s3 rm s3://my-bucket/file.txt aws s3 rm s3://my-bucket/ —recursive # Empty bucket
Create bucket
aws s3 mb s3://my-new-bucket —region eu-west-1
Delete bucket
aws s3 rb s3://my-bucket —force # Force removes contents too
Presigned URL (temporary access)
aws s3 presign s3://my-bucket/file.pdf —expires-in 3600
🖥️ EC2 — Compute
aws ec2 — instances ec2
# List instances aws ec2 describe-instances aws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,State.Name,InstanceType]' --output tableFilter by tag
aws ec2 describe-instances —filters “Name=tag:Name,Values=web-server”
Filter by state
aws ec2 describe-instances —filters “Name=instance-state-name,Values=running”
Start / stop / terminate
aws ec2 start-instances —instance-ids i-1234567890abcdef0 aws ec2 stop-instances —instance-ids i-1234567890abcdef0 aws ec2 terminate-instances —instance-ids i-1234567890abcdef0
Get public IP
aws ec2 describe-instances —instance-ids i-123 —query ‘Reservations[0].Instances[0].PublicIpAddress’ —output text
Security groups ec2
# List security groups aws ec2 describe-security-groupsCreate security group
aws ec2 create-security-group —group-name my-sg —description “My SG” —vpc-id vpc-123
Allow inbound SSH
aws ec2 authorize-security-group-ingress —group-id sg-123 —protocol tcp —port 22 —cidr 0.0.0.0/0
Allow inbound HTTP/HTTPS
aws ec2 authorize-security-group-ingress —group-id sg-123 —protocol tcp —port 80 —cidr 0.0.0.0/0 aws ec2 authorize-security-group-ingress —group-id sg-123 —protocol tcp —port 443 —cidr 0.0.0.0/0
⚡ Lambda — Serverless
aws lambda lambda
# List functions aws lambda list-functions aws lambda list-functions --query 'Functions[].FunctionName'Invoke a function
aws lambda invoke —function-name my-func —payload ’{“key”: “value”}’ output.json cat output.json
Update function code
aws lambda update-function-code —function-name my-func —zip-file fileb://function.zip
View logs (last invocation)
aws lambda invoke —function-name my-func —log-type Tail output.json —query ‘LogResult’ —output text | base64 —decode
Update environment variables
aws lambda update-function-configuration —function-name my-func —environment “Variables={KEY=value,DB=prod}“
👤 IAM — Identity
aws iam iam
# List users aws iam list-usersList roles
aws iam list-roles —query ‘Roles[].RoleName’
List policies attached to a user
aws iam list-attached-user-policies —user-name alice
Create user
aws iam create-user —user-name deploy-bot
Create access key
aws iam create-access-key —user-name deploy-bot
Attach policy to user
aws iam attach-user-policy —user-name deploy-bot —policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
📊 CloudWatch — Logs & Monitoring
aws logs logs
# List log groups aws logs describe-log-groupsTail logs (live)
aws logs tail /aws/lambda/my-func —follow
Get recent logs
aws logs tail /aws/lambda/my-func —since 1h
Filter logs
aws logs filter-log-events —log-group-name /aws/lambda/my-func —filter-pattern “ERROR”
🏗️ CloudFormation / Infrastructure
aws cloudformation infra
# List stacks aws cloudformation list-stacks --stack-status-filter CREATE_COMPLETE UPDATE_COMPLETEDeploy stack
aws cloudformation deploy —template-file template.yaml —stack-name my-stack —capabilities CAPABILITY_IAM
Describe stack
aws cloudformation describe-stacks —stack-name my-stack
Stack events (debugging)
aws cloudformation describe-stack-events —stack-name my-stack
Delete stack
aws cloudformation delete-stack —stack-name my-stack
Validate template
aws cloudformation validate-template —template-body file://template.yaml
🔍 Useful Patterns
Common one-liners tips
# Who am I? aws sts get-caller-identityGet account ID
aws sts get-caller-identity —query Account —output text
List all regions
aws ec2 describe-regions —query ‘Regions[].RegionName’ —output text
Estimate S3 bucket size
aws s3 ls s3://my-bucket —recursive —summarize | tail -2
Find unattached EBS volumes
aws ec2 describe-volumes —filters “Name=status,Values=available” —query ‘Volumes[].VolumeId’
Export to JSON for scripting
aws ec2 describe-instances —output json > instances.json