Getting Started (AWS PowerShell)

Setup Credentials

PowerShell Core can't store credentials securely by itself (the encryption used by Windows PowerShell is dependant on Windows DLL's, the Secure String object is not available in PowerShell Core), therefore AWS provide a method of storing AWS credentials securely for use which replicates how you'd do this in Windows PowerShell whereby credentials are stored in an encrypted file that can only be decrypted by the logged in user. You need the Access Key ID and Secret for your account. If you don't have an Access Key ID, go to IAM > Users and locate your account and select Create access key (the secret will not be accessible again, make a note of it somewhere secure).

The following command stores your credentials in the default profile, meaning that they will be used for operations where credentials are required, unless you specify a different profile of credentials to use

Set-AWSCredential -AccessKey <your-access-key> -SecretKey <your-secret> -StoreAs default

Set Default Region

Most commands need to be run against a specific region. You can either specify this each time you run CmdLet, or if you predominantly run in one region, its more convenient to set a default region

Set-DefaultAWSRegion -Region eu-west-1

Other useful region commands...

Clear-DefaultAWSRegion              # Clear default region
Get-AWSRegion                       # Get list of regions, including what is default

Get Instances

Example commands to get instances..

# Get running instances with Production tag
$instances = Get-EC2Instance -Filter @(@{Name="tag:Function";Values="Production"};@{Name="instance-state-name";Values="running"}) | Select-Object -ExpandProperty instances 

# Get specific instance
$instance = Get-EC2Instance -Filter @(@{Name="instance-id";Values="i-012345678abcdef01"}) | Select-Object -ExpandProperty instances