AWS Cheat Sheet
Complete reference guide for AWS with interactive examples and live playground links
Basic Services
EC2
EC2 commands
AWS
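# Launch an instance.
# The AMI ID below is a sample value: AMI IDs are region-specific, so look up a
# current image for your region instead of copying this one.
# HttpTokens=required makes the instance metadata service accept only
# session-token (IMDSv2) requests, which limits theft of the instance role
# credentials through SSRF-style bugs in software running on the instance.
aws ec2 run-instances \
  --image-id ami-0c55b159cbfafe1f0 \
  --instance-type t2.micro \
  --key-name my-key-pair \
  --security-group-ids sg-xxxxxxxx \
  --subnet-id subnet-xxxxxxxx \
  --metadata-options "HttpTokens=required,HttpEndpoint=enabled"
# List instances (returns every instance the caller is allowed to describe)
aws ec2 describe-instances
# Start / stop an instance
aws ec2 start-instances --instance-ids i-xxxxxxxx
aws ec2 stop-instances --instance-ids i-xxxxxxxx
# Terminate an instance. This cannot be undone; volumes flagged
# delete-on-termination are removed together with the instance.
aws ec2 terminate-instances --instance-ids i-xxxxxxxx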
S3
S3 commands
AWS
# Make a new bucket
aws s3 mb "s3://my-bucket"
# Show all buckets owned by the caller
aws s3 ls
# Copy a local file into the bucket
aws s3 cp file.txt "s3://my-bucket/"
# Copy an object from the bucket into the current directory
aws s3 cp "s3://my-bucket/file.txt" .
# Show the objects stored in the bucket
aws s3 ls "s3://my-bucket/"
# Remove a single object
aws s3 rm "s3://my-bucket/file.txt"
# Remove the bucket. --force first deletes the objects in it, so check the
# bucket name twice: there is no confirmation prompt and no undo.
aws s3 rb "s3://my-bucket" --force
IAM
IAM commands
AWS
# New IAM user
aws iam create-user --user-name myuser
# New IAM group
aws iam create-group --group-name mygroup
# Put the user into the group
aws iam add-user-to-group \
  --user-name myuser \
  --group-name mygroup
# Attach an AWS managed policy (here: read-only S3) directly to the user.
# Grant only what the user needs; a narrowly scoped policy is preferable to a
# broad managed one.
aws iam attach-user-policy \
  --user-name myuser \
  --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
# Issue a long-lived access key for the user. The secret access key appears
# only in this command's output and cannot be retrieved later, so capture it
# somewhere safe and keep it out of logs and terminal scrollback. Keys created
# this way do not expire on their own and have to be rotated.
aws iam create-access-key --user-name myuser
Advanced Services
Lambda
Lambda commands
AWS
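# Create function.
# nodejs14.x is a deprecated Lambda runtime that no longer receives security
# patches, so the example targets a currently supported Node.js runtime.
# The execution role (replace account-id with your account number) is what the
# function code runs as; give it only the permissions the function needs.
aws lambda create-function \
  --function-name my-function \
  --runtime nodejs22.x \
  --handler index.handler \
  --role arn:aws:iam::account-id:role/lambda-role \
  --zip-file fileb://function.zip
# Invoke function; the response payload is written to output.txt.
# NOTE: AWS CLI v2 treats --payload as base64 by default. To send the raw JSON
# shown here under v2, add: --cli-binary-format raw-in-base64-out
aws lambda invoke \
  --function-name my-function \
  --payload '{"key": "value"}' \
  output.txt
# List functions
aws lambda list-functions
# Update function code from a new deployment package
aws lambda update-function-code \
  --function-name my-function \
  --zip-file fileb://function.zip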
RDS
RDS commands
AWS
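# Create instance.
# --manage-master-user-password has RDS generate the master password and keep
# it in Secrets Manager, so no password is typed on the command line (where it
# would land in shell history and the process list). It cannot be combined
# with --master-user-password.
# --no-publicly-accessible keeps the instance off a public IP address; drop it
# only when the database really has to be reachable from the internet.
# Also consider --storage-encrypted where the instance class supports it.
aws rds create-db-instance \
  --db-instance-identifier mydb \
  --db-instance-class db.t2.micro \
  --engine mysql \
  --master-username admin \
  --manage-master-user-password \
  --no-publicly-accessible \
  --allocated-storage 20
# List instances
aws rds describe-db-instances
# Create snapshot
aws rds create-db-snapshot \
  --db-snapshot-identifier mysnapshot \
  --db-instance-identifier mydb
# Restore from snapshot into a new instance (the source instance is untouched)
aws rds restore-db-instance-from-db-snapshot \
  --db-instance-identifier mydb-restored \
  --db-snapshot-identifier mysnapshot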
CloudFormation
CloudFormation commands
AWS
# Create a stack from a local template, passing one template parameter
aws cloudformation create-stack \
  --stack-name my-stack \
  --template-body file://template.yaml \
  --parameters "ParameterKey=KeyName,ParameterValue=my-key"
# Apply a changed template to the existing stack
aws cloudformation update-stack \
  --stack-name my-stack \
  --template-body file://template.yaml
# Show stacks in the current region
aws cloudformation list-stacks
# Delete the stack; the resources it created are removed with it unless the
# template gives them a retain policy.
aws cloudformation delete-stack --stack-name my-stack
Networking
VPC
VPC commands
AWS
# New VPC with a /16 private address range
aws ec2 create-vpc --cidr-block 10.0.0.0/16
# New subnet carved out of that range
aws ec2 create-subnet \
  --vpc-id vpc-xxxxxxxx \
  --cidr-block 10.0.1.0/24
# New security group inside the VPC
aws ec2 create-security-group \
  --group-name my-sg \
  --description "My security group" \
  --vpc-id vpc-xxxxxxxx
# Allow inbound TCP/80 from any IPv4 address. 0.0.0.0/0 is appropriate only for
# a service meant to be public; for administrative or database ports use the
# narrowest source range (or a source security group) that works.
aws ec2 authorize-security-group-ingress \
  --group-id sg-xxxxxxxx \
  --protocol tcp \
  --port 80 \
  --cidr 0.0.0.0/0
Route 53
Route 53 commands
AWS
# New hosted zone. The caller reference only has to be unique per request;
# the current epoch time is used for that.
aws route53 create-hosted-zone \
  --name example.com \
  --caller-reference "$(date +%s)"
# Add an A record to the zone. The change batch is a JSON document passed as a
# single-quoted argument, so nothing inside it is expanded by the shell.
aws route53 change-resource-record-sets \
  --hosted-zone-id ZXXXXXXXXXXXXXXX \
  --change-batch '{
"Changes": [{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "example.com",
"Type": "A",
"TTL": 300,
"ResourceRecords": [{"Value": "1.2.3.4"}]
}
}]
}'
CloudFront
CloudFront commands
AWS
# New distribution in front of an S3 bucket origin, serving index.html at "/".
# This shorthand takes defaults for everything else; review the resulting
# configuration (viewer protocol policy, origin access) before sending traffic.
aws cloudfront create-distribution \
  --origin-domain-name my-bucket.s3.amazonaws.com \
  --default-root-object index.html
# Show existing distributions
aws cloudfront list-distributions
# Invalidate cached copies; "/*" covers every path in the distribution
aws cloudfront create-invalidation \
  --distribution-id EXXXXXXXXXXXXXXX \
  --paths "/*"
Security
KMS
KMS commands
AWS
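# Create a symmetric encryption key. The commands below refer to it as
# alias/my-key, so an alias with that name has to point at the key first
# (aws kms create-alias).
aws kms create-key \
  --description "My key" \
  --key-usage ENCRYPT_DECRYPT
# Encrypt data.
# The CLI prints CiphertextBlob base64-encoded, while decrypt reads
# fileb://encrypted.txt as raw bytes. Decode before saving, otherwise the
# decrypt step below is handed base64 text and fails.
aws kms encrypt \
  --key-id alias/my-key \
  --plaintext fileb://plaintext.txt \
  --output text \
  --query CiphertextBlob \
  | base64 --decode > encrypted.txt
# Decrypt data.
# Plaintext is also returned base64-encoded; decode it to recover the original
# bytes. decrypted.txt then holds the secret in the clear, so restrict its
# permissions and remove it once it is no longer needed.
aws kms decrypt \
  --ciphertext-blob fileb://encrypted.txt \
  --output text \
  --query Plaintext \
  | base64 --decode > decrypted.txt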
Secrets Manager
Secrets Manager commands
AWS
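# Create secret.
# The value is read from a local file (file://) instead of being typed as an
# argument, so it does not end up in shell history or the process list.
# secret.json holds the JSON document, for example
#   {"username":"admin","password":"<secret value>"}
# Keep the file readable only by you (chmod 600) and delete it afterwards.
aws secretsmanager create-secret \
  --name my-secret \
  --secret-string file://secret.json
# Get secret. The secret value is printed to stdout; avoid running this where
# terminal output is recorded or forwarded to logs.
aws secretsmanager get-secret-value \
  --secret-id my-secret
# Update secret, again reading the new value from a file
aws secretsmanager update-secret \
  --secret-id my-secret \
  --secret-string file://secret.json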
WAF
WAF commands
AWS
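# Create web ACL.
# --default-action takes a structure, so the shorthand form is Allow={} (or
# Block={}); a bare "Allow" is rejected by the CLI's shorthand parser.
# A web ACL with default action Allow and no rules lets every request through;
# it filters nothing until rules are added and it is associated with a resource.
aws wafv2 create-web-acl \
  --name my-web-acl \
  --scope REGIONAL \
  --default-action Allow={} \
  --visibility-config \
  SampledRequestsEnabled=true,CloudWatchMetricsEnabled=true,MetricName=my-web-acl
# List web ACLs
aws wafv2 list-web-acls \
  --scope REGIONAL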
Best Practices
Security
Security best practices
AWS
# Security measures
- Use IAM roles
- Enable MFA
- Use KMS encryption
- Implement least privilege
- Regular security audits
# Access management
- Rotate access keys
- Use IAM groups
- Implement password policy
- Enable CloudTrail
- Use AWS Config
# Network security
- Use VPC
- Configure security groups
- Enable WAF
- Use private subnets
- Implement NACLs
Cost Optimization
Cost optimization practices
AWS
# Cost management
- Use reserved instances
- Implement auto-scaling
- Use spot instances
- Enable cost allocation
- Regular cost analysis
# Resource optimization
- Right-size instances
- Use auto-scaling
- Implement caching
- Use serverless
- Optimize storage
# Monitoring
- Set up CloudWatch
- Configure alarms
- Use cost explorer
- Implement budgets
- Regular reviews
High Availability
High availability practices
AWS
# Availability measures
- Use multiple AZs
- Implement auto-scaling
- Use load balancing
- Configure health checks
- Regular testing
# Disaster recovery
- Regular backups
- Cross-region replication
- Recovery procedures
- Regular testing
- Documentation
# Performance
- Use CDN
- Implement caching
- Optimize databases
- Use auto-scaling
- Regular monitoring
AWS - Interactive Developer Reference