Common AWS EC2 CLI commands


The AWS GUI console is a basic way to manage AWS EC2 instances. If you are performing repetitive tasks on multiple instances, then using the CLI is a better way to manage them.

All these commands assume the IAM identity you are using has the necessary permissions to run them.

These are some of the more common CLI examples:

Quick Reference:

For your future quick reference, here are all the commands mentioned in this tutorial. Be sure to read the details provided in this tutorial below to understand more about these commands.

1. View Current Status of an Instance

The following “aws ec2 describe-instances” will display detailed information about all instances that are managed by you. The output will be in JSON format.

If you have way too many instances, you can use the filter option to view a specific instance.

The following will display only the instance which has the “Name” tag set as “dev-server”.

From the above output, we can see that this instance is currently “stopped” and is not running.

2. Start an Instance

The following “aws ec2 start-instances” command will start the instance that is specified in the --instance-ids field.

This will also display the current state and the previous state of the instance in the output. As you see from the following output, previously this instance was “stopped” and now it is in “pending” state and will be started soon.

If you want to start multiple instances using a single command, provide all the instance ids at the end as shown below.

3. Stop an Instance

The following “aws ec2 stop-instances” command will stop the instance that is specified in the --instance-ids field.

As you see from the output, previously this particular instance was in “running” state and currently it is in “stopping” state and will be stopped very soon.

The following are the possible state names and state codes for an instance:

  • 0 is for pending
  • 16 is for running
  • 32 is for shutting-down
  • 48 is for terminated
  • 64 is for stopping
  • 80 is for stopped

If you execute the above command on an instance that is already stopped, you’ll see both the previous state and the current state as stopped.

To stop multiple instances together, specify one or more instance ids as shown below.

You can also force an instance to stop. This will not give the system an opportunity to flush the filesystem level cache. Use this only when you know exactly what you are doing.

4. Terminate an Instance

The following “aws ec2 terminate-instances” command will terminate the instance that is specified in the --instance-ids field.

As you see from the output, previously this particular instance was in “stopped” state and it is now in “terminated” state.

Be very careful when you are terminating an instance, as you can’t get your instance back once it is terminated. Terminate is not the same as stop.

5. Add Name Tag to an Instance

The following “aws ec2 create-tags” command will add a new tag to the specified instance.

In this example, we are adding a tag with Key as “Department”, and its Value as “Finance”.

Now you’ll see that the new Tag has been added.

You can also verify the tag from the AWS Management Console GUI.

6. Add Storage (Block Device) to an Instance

First, use the following command to get a list of all block device volumes that are available to you. Look for the volumes that have the State as “available”.

From the above, get the VolumeId, and use that in the following “aws ec2 attach-volume” command to attach that volume to a particular instance.

In the following command, you should also specify the --device option, which will be the disk name that will be used at the OS level for this particular volume.

In this example, this volume will be attached as “/dev/sdh” disk.

Note: When you attach a volume to an instance from the AWS management console, by default it will automatically populate the device. But in the AWS EC2 CLI, you have to specify the device name as shown below.

After attaching the device, you’ll notice that the state changed from “available” to “attached” for this particular volume.

7. Launch a New EC2 Instance

The following command will create a new AWS EC2 instance for you.

This is equivalent to the “Launch Instance” action that you’ll perform in the AWS management console.

To launch an instance, use “aws ec2 run-instances” command as shown below.

In the above command:

  • --image-id Specify the image id for the AMI that you want to launch. You can browse the AWS marketplace and choose the correct image that is required for your project.
  • --count Specify the number of instances that you want to launch from this image. In this case, we are creating only one new instance.
  • --instance-type In this example, I’m launching this instance as a t1.micro type, which doesn’t have much CPU and RAM.
  • --key-name Specify the name of the key pair that you want to use with this system. You should create your own key pair before launching your instance.
  • --security-groups Specify the name of the security groups. You should create a security group with appropriate firewall rules that are required for your project.

The following is a sample full output of the above command, which displays all the information about the newly launched instance.

If you get the following error message, then the instance type you’ve selected is not supported for this AMI. Change the instance type and try again.

The following are additional parameters that you can pass with the “aws ec2 run-instances” command:

  • --subnet-id Use the appropriate subnet id to launch an EC2 VPC instance
  • --block-device-mappings file://mymap.json In this JSON file you can specify the volumes that you want to attach to the instance that you want to launch
  • --user-data file://myuserdata.txt In this text file you can specify the userdata that needs to be executed when the EC2 instance is launched
  • --iam-instance-profile Name=myprofile You can also specify the IAM profile that you want to use while launching the instance

8. Reboot an Instance (and General Options)

To reboot an instance, use “aws ec2 reboot-instances” command as shown below.

There are a few options that you can use with most of the AWS EC2 CLI commands.

For example, you can use the “--dry-run” option with pretty much all the AWS EC2 CLI commands. As the name suggests, it will not really execute the command. This will only perform a dry-run and display all possible error messages without really doing anything.

For example, the following is a dry-run operation when you want to stop an instance.

When you are performing a dry-run the following are the two possible errors:

  • If you have the appropriate permission, it will display the “DryRunOperation” error, and any other real error messages that are related to the specific command you are executing.
  • If you don’t have permission to execute that particular command, it will display the “UnauthorizedOperation” error.
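A pre-flight permission check built on the two dry-run outcomes above. This is an added example, not part of the original tutorial; the function names and the two sample error lines are constructed for illustration.

```shell
#!/bin/sh
# classify_dry_run TEXT prints one of:
#   allowed - DryRunOperation: the caller has permission, nothing was changed
#   denied  - UnauthorizedOperation: the caller lacks permission
#   error   - anything else (unknown instance id, bad parameter, network, ...)
classify_dry_run() {
    case "$1" in
        *"(DryRunOperation)"*)       echo allowed ;;
        *"(UnauthorizedOperation)"*) echo denied ;;
        *)                           echo error ;;
    esac
}

# ec2_can ACTION [ARGS...] runs "aws ec2 ACTION ARGS --dry-run" and classifies it.
# A dry run always exits non-zero, so the exit status is ignored on purpose.
ec2_can() {
    classify_dry_run "$(aws ec2 "$@" --dry-run 2>&1 || true)"
}

# audit_permissions INSTANCE_ID prints one "action result" line per lifecycle
# action, without changing the instance.
audit_permissions() {
    for action in start-instances stop-instances reboot-instances terminate-instances; do
        echo "$action $(ec2_can "$action" --instance-ids "$1")"
    done
}

# Constructed sample messages, so the classifier can be tried offline.
SAMPLE_ALLOWED='An error occurred (DryRunOperation) when calling the StopInstances operation: Request would have succeeded, but DryRun flag is set.'
SAMPLE_DENIED='An error occurred (UnauthorizedOperation) when calling the StopInstances operation: You are not authorized to perform this operation.'
classify_dry_run "$SAMPLE_ALLOWED"
classify_dry_run "$SAMPLE_DENIED"
```

Running audit_permissions against an instance id is a quick way to confirm that a role can stop and start instances but cannot terminate them.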

You can also specify the input to the AWS EC2 CLI in JSON format using the --cli-input-json option as shown below.

If you don’t know exactly what kind of information needs to be passed for a particular EC2 command in JSON format, you can use --generate-cli-skeleton as shown below. Once you have the JSON output, modify the appropriate values, and use it as an input to the --cli-input-json option.

The following is an example JSON file that can be used as an input to AWS EC2 CLI command.

In the following example, we are using the above stop.json file as the value for the --cli-input-json option as shown below. Don’t forget to give “file://”.

9. Change Instance Type

Before changing: In this example, the following instance is of type t1.micro

You can change the above instance to a different instance type.

For that, first stop the instance. Without stopping you cannot change the instance type.

The following “aws ec2 modify-instance-attribute” is used to change the instance type. In this example, we are changing the instance type to “m1.small”

After changing, the following is the instance type.

If an instance type is not supported for your particular image, you’ll get the following error message. In this example, t2.nano is not supported for this particular image.
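The stop, modify and verify steps of this section as one function. This is an added example, not the original tutorial's commands; the function names are hypothetical, and the wait step is included because stop-instances returns while the instance is still “stopping”.

```shell
#!/bin/sh
# instance_type INSTANCE_ID prints the current instance type.
instance_type() {
    aws ec2 describe-instances --instance-ids "$1" \
        --query 'Reservations[0].Instances[0].InstanceType' --output text
}

# change_instance_type INSTANCE_ID NEW_TYPE
# Prints the instance type after the change. The instance is left stopped,
# so the caller decides when to start it again.
change_instance_type() (
    id=$1
    new_type=$2
    current=$(instance_type "$id") || exit 1
    if [ "$current" = "$new_type" ]; then
        echo "$current"             # nothing to do, do not stop the instance
        exit 0
    fi
    aws ec2 stop-instances --instance-ids "$id" >/dev/null || exit 1
    # The type can only be modified once the state has reached "stopped".
    aws ec2 wait instance-stopped --instance-ids "$id" || exit 1
    aws ec2 modify-instance-attribute --instance-id "$id" \
        --instance-type "{\"Value\": \"$new_type\"}" || exit 1
    instance_type "$id"             # read the type back to confirm the change
)

# Usage: change_instance_type <instance-id> m1.small
```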

10. Create a New Image

From your particular instance that is running with all the configuration changes that you’ve done so far, you can create a new image using the following “aws ec2 create-image” command.

This is helpful when you want to launch new instances based on the image you created, which has your changes in it.

Use the following “aws ec2 describe-images” command to view the details of the new image that you’ve just created.

11. Delete an Image

When you create an image, it also creates a snapshot.

So, when you are deleting your image you have to do two things.

First, use the “aws ec2 deregister-image” command to deregister the image.

Next, use the “aws ec2 delete-snapshot” command to delete the snapshot that is associated with your image.
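Both steps as one function that looks up the snapshot ids before deregistering, since describe-images no longer returns the image afterwards and a forgotten snapshot keeps a copy of the disk contents. This is an added example, not the original tutorial's commands; the function name delete_ami is hypothetical.

```shell
#!/bin/sh
# delete_ami IMAGE_ID
# Deregisters the image, then deletes every EBS snapshot it referenced.
delete_ami() (
    image_id=$1
    # Snapshot ids from the image's block device mappings, whitespace separated.
    # Instance-store mappings have no Ebs entry and are skipped by the query.
    snaps=$(aws ec2 describe-images --image-ids "$image_id" \
        --query 'Images[0].BlockDeviceMappings[].Ebs.SnapshotId' \
        --output text) || exit 1

    # Stop here if deregistering fails: a snapshot that is still referenced
    # by a registered image must not be deleted.
    aws ec2 deregister-image --image-id "$image_id" || exit 1

    rc=0
    for snap in $snaps; do
        case "$snap" in
            snap-*) aws ec2 delete-snapshot --snapshot-id "$snap" || rc=1 ;;
            *)      ;;              # "None" or other non-id text: ignore
        esac
    done
    exit "$rc"
)

# Usage: delete_ami <image-id>
```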

12. Enable Instance Termination Protection

It is very easy to delete a running instance by mistake when you execute the terminate command (either from the UI or from the command line).

By default termination protection is turned off. This means that you can delete your instance by mistake.

To enable termination protection for your instance, use the “aws ec2 modify-instance-attribute” command, and pass the “--disable-api-termination” option as shown below.

Later if you want to disable the termination protection, execute the following command.

13. Get System Log (View Console Output)

Since you don’t have physical access to the console for the instances that are running on AWS EC2, use the following command.

This “aws ec2 get-console-output” command will display whatever was sent to the system console for your particular instance.

This is very helpful when you are debugging some issues on your system.

14. Enable CloudWatch Monitoring for an Instance

The following “aws ec2 monitor-instances” command will enable the advanced CloudWatch monitoring provided by AWS for your specified instance.

Since there is some cost associated with monitoring an instance, you may want to enable monitoring temporarily while you are debugging an issue, and later disable the monitoring using the following command.

15. AWS EC2 Key Pairs

The following “aws ec2 describe-key-pairs” command will display all keypairs that you’ve created so far in AWS.

To create a new Keypair use the following “aws ec2 create-key-pair” command. In this example, I’m creating a key pair with name “dev-servers”. I’ll be using this key-pair for all my dev instances.

If you have created a keypair by mistake, use the following command to delete it.
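Creating a key pair so that the private key, which AWS returns only at creation time, lands in a file readable by its owner alone. This is an added example, not the original tutorial's commands; the function name create_key_pair and the default file name are assumptions.

```shell
#!/bin/sh
# create_key_pair NAME [OUTFILE]
# Saves the private key to OUTFILE (default: NAME.pem) with mode 400.
create_key_pair() (
    name=$1
    out=${2:-"$name.pem"}
    if [ -e "$out" ]; then
        echo "refusing to overwrite $out" >&2
        exit 1
    fi
    umask 077                       # the file is created as mode 600, never wider
    if ! aws ec2 create-key-pair --key-name "$name" \
            --query 'KeyMaterial' --output text > "$out"; then
        rm -f "$out"                # do not leave an empty or partial key file
        exit 1
    fi
    chmod 400 "$out"                # read-only for the owner
)

# Usage: create_key_pair dev-servers
```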
