aws tools for windows powershell

AWS Tools for Windows PowerShell

2016/09/27

2



Amazon EC2 Run Command

4

Infrastructure as Code

5

AWSInfrastructure as Code

Java Python (boto) PHP .NET Ruby Node.js

AWS Tools for Windows

PowerShell

AWS CLI

JavaScript

CloudFormation OpsWorks ElasticBeanstalk

6

AWS Command Line Interface (CLI) awsAWS

Windows, Linux, Mac, Unix S3sync

AWS Tools for Windows PowerShell AWSPowerShell

AWS PowerShell

7

Windows PowerShellMicrosoftCLI

(cmdlet) .NET Framework

Get-Command -Module AWSPowerShell

cmdlet-

8

AWS PowerShell AWS CLI []-[][]

Get-EC2AvailabilityZone -Region ap-northeast-1

aws ec2 describe-availability-zones --region ap-northeast-1

AWS API

API describe, list create put deletePowerShell Get New Write Remove

Cmdlet Reference: http://docs.aws.amazon.com/powershell/latest/reference/Index.html

9

Get-Command

PS C:\> Get-Command -Module AWSPowerShell -Name *EC2*CommandType Name Definition----------- ---- ---------- Cmdlet Add-EC2ClassicLinkVpc ... Cmdlet Add-EC2InternetGateway ... Cmdlet Add-EC2NetworkInterface ...

"AWSPowerShell"EC2

10

HelpGet-HelpHelp

PS C:\> Get-Help Get-Command

NAME Get-Command SYNOPSIS Windows PowerShell SYNTAX Get-Command [[-Name] ] [-CommandType {Alias | Function | Filter | Cmdlet | ExternalScript | Application | Script | All}] [[-ArgumentList] ] [-Module ] [-Syntax] [-TotalCount ] []

"Get-Command"Help

11

.NET Framework

PS C:\> Get-EC2AvailabilityZone | ft *

Region ZoneStateMessage Messages RegionName StateZoneName

------ --------- ------- ------- ---------- ----- -------- ap-northeast-1 available {} {} ap-northeast-1 available ap-northeast-1aap-northeast-1 available {} {} ap-northeast-1 available ap-northeast-1c

Amazon.EC2.Model.AvailabilityZone

12

|

PS C:\> Get-Command -Module AWSPowerShell | `>> Where-Object {$_.Name -eq "Get-EC2Instance"}CommandType Name Definition----------- ---- ----------Cmdlet Get-EC2Instance ...

"AWSPowerShell"Get-EC2Instance

PowerShell"`"

13

Get-Member

PS C:\> (Get-EC2Instance).Instances | Get-Member -MemberType Property | Select Name,Definition Name Definition ---- ---------- AmiLaunchIndex int AmiLaunchIndex {get;set;} Architecture Amazon.EC2.ArchitectureValues Architecture {get;set;} ClientToken string ClientToken {get;set;} EbsOptimized bool EbsOptimized {get;set;} Hypervisor Amazon.EC2.HypervisorType Hypervisor {get;set;} ImageId string ImageId {get;set;} InstanceId string InstanceId {get;set;}...

EC2

14

Format-List(fl)Format-Table(ft)

PS C:\> $EC2Instances = (Get-EC2Instance).Instances |select InstanceType, LaunchTime PS C:\> $EC2Instances | fl

InstanceType : m3.largeLaunchTime : 2015/07/09 16:34:01

InstanceType : t2.microLaunchTime : 2015/04/08 16:47:30....

PS C:\> $EC2Instances | ft

InstanceType LaunchTime ------------ ---------- m3.large 2015/07/09 16:34:01t2.micro 2015/04/08 16:47:30....

15

AWS

http://docs.aws.amazon.com/ja_jp/powershell/latest/userguide/pstools-discovery-aliases.html

PC C:\> Get-EC2Instance | Stop-EC2Instance EC2

PC C:\> Get-AWSRegion | % { Get-EC2Image -Owner self -Region $_ } AWSAMI

EC2Stop-EC2Instance(-Instance)

Get-EC2Image-Region

PowerShell

16

[options] : -FilterAWSPowerShellFilter

PC C:\> $tag = New-Object Amazon.EC2.Model.Filter -Property @{Name="tag:Name";Values="TEST"}

PC C:\> Get-EC2Instance -Filter $tag

NameTESTEC2

PC C:\> $SGNames = New-Object Amazon.EC2.Model.Filter -Property `>> @{Name="group-name";Values=@("SG1","SG2")}PC C:\> Get-EC2SecurityGroup -Filter $SGNames

SG1,"SG2"

-Filter

17

Get-AWSPublicIpAddressRangeAWSIPAWS CLIip-ranges.jsonAWS PowerShell

PS C:\> Get-AWSPublicIpAddressRangeIpPrefix Region Service-------- ------ -------50.19.0.0/16 us-east-1 AMAZON...50.19.0.0/16 us-east-1 EC2...205.251.192.0/21GLOBAL ROUTE5354.232.40.64/26 sa-east-1 ROUTE53_HEALTHCHECKS...204.246.176.0/20GLOBAL CLOUDFRONT...

http://docs.aws.amazon.com/powershell/latest/reference/Index.htmlhttp://docs.aws.amazon.com/ja_jp/general/latest/gr/aws-ip-ranges.html

18

Pro PowerShell for Amazon Web Services: DevOps for the AWS Cloud

Create, manage, and terminate Windows servers in the cloud

Manage storage options including backup and recovery

Configure a virtual network including subnets and route tables

Secure your servers using security groups and access control lists

Use Auto Scaling to respond to changing conditions

Deploy SQL Server using Relational Database Service

Use Simple Storage Service (S3) to reliably store and archive data

Control access to resources using Identity and Access Management (IAM)

https://www.amazon.co.jp/Pro-PowerShell-Amazon-Web-Services-ebook/dp/B00HG2CQ3O/

20

PowerShell Gallery

https://blogs.aws.amazon.com/net/post/Tx3E4TIMWDG4604/Announcing-Support-for-the-PowerShell-Galleryhttps://www.powershellgallery.com/packages/AWSPowerShell/

PowerShell Gallery MicrosoftPowerShell20157 Windows Management Framework v5 preview

AWS PowerShell

AWS PowerShell

PS C:\> Install-Module -Name AWSPowerShell

PS C:\> Update-Module -Name AWSPowerShell

20155

PowerShell GalleryAWS PowerShell

21

Get-AWSCmdletName Get-AWSCmdletName-Service

PS C:\> Get-AWSCmdletName -Service computeCmdletName ServiceOperation ServiceName---------- ---------------- -----------Add-EC2ClassicLinkVpc AttachClassicLinkVpc Amazon Elastic Compute Cloud

PS C:\> Get-AWSCmdletName -Service EC2CmdletName ServiceOperation ServiceName---------- ---------------- -----------Add-EC2ClassicLinkVpc AttachClassicLinkVpc Amazon Elastic Compute Cloud

EC2

201510

https://blogs.aws.amazon.com/net/post/Tx14OU1G9A1W5PY/Listing-Cmdlets-by-Service

22

AWS Tools for Windows PowerShell Set-AWSSamlEndpointSet-AWSSamlRoleProfile

ADFS

https://blogs.aws.amazon.com/net/post/Tx2PI5SQTDMAHQR/New-Support-for-Federated-Users-in-the-AWS-Tools-for-Windows-PowerShell

201512

# first configure the endpoint that one or more role profiles will reference by name$endpoint = "https://adfs.example.com/adfs/ls/IdpInitiatedSignOn.aspx?loginToRp=urn:amazon:webservices"Set-AWSSamlEndpoint -Endpoint $endpoint -StoreAs "endpointname"

# if the principal and role ARN data of a role is known, it can be specified directly$params = @{ "PrincipalARN"="arn:aws:iam::012345678912:saml-provider/ADFS" "RoleARN"="arn:aws:iam::012345678912:role/ADFS-Dev"}Set-AWSSamlRoleProfile -EndpointName "endpointname" -StoreAs "ADFS-Dev" @params

23

AWS Tools for PowerShell Core Edition

Windows/Linux/Mac OS XPowerShell Core EditionAWS Tools Cmdlet PowerShell Garalley

20168

https://blogs.aws.amazon.com/net/post/TxTUNCCDVSG05F/Introducing-AWS-Tools-for-PowerShell-Core-Edition

Install-Package -Name AWSPowerShell.NetCore -Source https://www.powershellgallery.com/api/v2/ -ProviderName NuGet -ExcludeVersion -Destination destfolderImport-Module AWSPowerShell.NetCore

.NET CorePowerShell Core

25

Amazon EC2

User Data


26

User Data

User DataPowerShell Read-S3Object -BucketName myS3Bucket -Key

myFolder/myFile.zip -File c:\destinationFile.zip

User DataEC2Config

EC2Config2.1.10 true

27


EC2

OS

OS Amazon Linux, Ubuntu Server,

RHEL, CentOS, etc.SSM Agent

Windows Server 2003-2012R2

28

EC2 Run Command

Windows Server 2003/2003 R2/2008/2008 R2/2012/2012 R2

EC2Config

IAM EC2IAM

EC2

Amazon S3 S3

29

EC2 Run CommandIAM

SSM AmazonEC2RoleforSSM () AmazonSSMFullAccess () AmazonSSMReadOnlyAccess ()

EC2 EC2

30

AWS Directory Service

1. [Enable]2. Directory Service3. SSM

31

EC2 Run Command

PowerShell PowerShell EC2 EC2 Amazon CloudWatch

Windows Updates EC2Config Windows Amazon EC2

EC2 Windows

32

EC2 EC2 Run Command

Amazon EC2

1. [AWS-RunPowerShellScript]

2.

3.

Windows PowerShellEC2 Run Command#Get-SSMDocumentDescription -Name "AWS-RunPowerShellScript

#Get-SSMDocumentDescription -Name "AWS-RunPowerShellScript" | select -ExpandProperty Parameters

#AWS-RunPowerShellScript $runPSCommand=Send-SSMCommand -InstanceId @('Instance-ID', 'Instance-ID') -DocumentName AWS-RunPowerShellScript -Comment 'Demo AWS-RunPowerShellScript with two instances' -Parameter @{'commands'=@('dir C:\Users', 'dir C:\')}

34

AWS Tools for Windows PowerShell PowerShellAWS PowerShellAWS

AWS Tools for PowerShell CoreLinux/Mac OS X

Amazon EC2 Run Command EC2 AWS Tools for Windows PowerShell

aws tools for windows powershell

Technology