Note: This article is an English translation of my original article, which you can find here.
Introduction
In this article, I will explain how to interactively use the Python SDK, boto3, in AWS CloudShell.
CloudShell comes pre-installed with Python and boto3. Additionally, because CloudShell inherits authentication information from the Management Console, you don't need to explicitly pass credentials to boto3, eliminating the need for setup.
This technique is also highly useful for not only manipulating AWS resources but also for trying out boto3 APIs.
What is AWS CloudShell?
AWS CloudShell is a browser-based shell environment that can be accessed directly from the Management Console. It comes pre-installed with AWS CLI, various SDKs, and other shell utilities.
What is AWS CloudShell? - AWS CloudShell
What is boto3?
boto3 is the Python version of the AWS SDK. It is a Python library for programmatic access to AWS resources.
How to Interactively Run boto3
The steps for interactively running boto3 using AWS CloudShell are as follows:
1. Launch CloudShell
After logging into the Management Console, click the CloudShell icon (>.) located in the header.
2. Launch Python Interpreter
Once the shell launches, activate the Python interpreter by executing the following:
python3
Once the interpreter is launched, you'll see a >>> prompt.
Example Output:
[cloudshell-user@ip-xx-x-xx-xxx ~]$ python3
Python 3.7.16 (default, Aug 30 2023, 20:37:53)
[GCC 7.3.1 20180712 (Red Hat 7.3.1-15)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>>
You can interactively try out various Python functionalities and boto3 APIs until you exit the interpreter. All subsequent commands will be executed in this interpreter.
Note: The interpreter supports tab completion.
3. Import boto3
Execute the following command to import boto3:
import boto3
4. Initialize Session
Initialize a boto3 session. The authentication information and the region are inherited from the Management Console, but you can also specify them explicitly.
Example to specify the Tokyo region:
sess = boto3.Session(region_name='ap-northeast-1')
It's also possible to pass authentication information when initializing the session, but I'll omit that detail in this article.
5. Manipulate AWS Resources
Once the session is established, you can operate various AWS resources.
For example, to list all security groups:
ec2 = sess.client('ec2')
res = ec2.describe_security_groups()
print(res)
Example Output:
{'SecurityGroups': [{'Description': 'for test', 'GroupName': 'test-sg', 'IpPermissions': [], ...
If you find the JSON output hard to read, you can format it using Python's json module. Specifically, you can use the indent argument of the json.dumps() function to output the data in a neatly formatted manner.
import json
print(json.dumps(res, indent=2))
Example Output:
{
"SecurityGroups": [
{
"Description": "for test",
"GroupName": "test-sg",
"IpPermissions": [],
"OwnerId": "3328xxxxxxxx",
"GroupId": "sg-xxxxxxxxxxxxxxxxx",
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "172.24.1.1/32",
"Description": "allow 172.24.1.1/32"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"VpcId": "vpc-xxxxxxxxxxxxxxxxx"
},
...
6. Exit the Interpreter
Finally, exit the interpreter by typing:
quit()
Summary
In this article, I explored how to interactively manipulate AWS resources using AWS CloudShell and boto3.
With CloudShell, you can use boto3 without any setup. Furthermore, using the Python interpreter, you can interactively try out boto3 APIs.
Top comments (1)
So informative article. Thanks Jun San