Getting started with AWS Tools for PowerShell

Create an AWS account to set up IAM keys

To start, log in to your existing account or create one at aws.amazon.com. AWS offers a free tier to learn how to use the cloud platform.

Next, create a user and generate keys with the Identity and Access Management (IAM) service in the AWS console. These keys authenticate and manage your AWS resources from PowerShell. For simplicity, I will create a user in the Administrators group that will have the keys to the castle. In production, you would never want to do this.

Next, create a group with administrator access. Search for IAM in the AWS console, go the Groups tab and click Create New Group. Name the group whatever you like; I just use admin. Next, choose a policy to attach. The first policy, AdministratorAccess, is sufficient. Finally, create the group.

To create a user, go back to the initial IAM page and click Add user. Choose a name and access type. For the purposes of this article, I chose both programmatic access and the AWS Management console. Next, add the user to the administrative group you created. You should then be able to download a CSV file with the access key ID and access key.

Install AWS Tools for PowerShell

You can use AWS Tools for PowerShell anywhere you can install PowerShell: Mac, Linux and, of course, Windows.

Make sure you use the correct version; select the module for either the Windows PowerShell version or PowerShell Core. The name of the module differs. For Windows PowerShell, it is called AWSPowerShell, while the PowerShell Core version is AWSPowerShell.NetCore.

You can use AWS Tools for PowerShell anywhere you can install PowerShell: Mac, Linux and, of course, Windows.

I'm going to use the Windows PowerShell version. To install the module, you can use the MSI installer provided by AWS, install it from the PowerShell gallery or use Chocolatey.

To install it via PowerShell Gallery, use this command:

Install-Module awspowershell

If you would like to do it via Chocolatey, use this command instead:

choco install AWSTools.Powershell

Once the AWS Tools are installed, you may need to import the module.

Get-Module awspowershell | Import-Module

Finally, to finish the setup, set the profile to allow you to connect to AWS and run commands.

Set-AWSCredential -AccessKey 'AKIAJY5DMYIFM34FEQTMUA' -SecretKey 'F5HWPv8hdEI+RdfeW5re0oCVkGnyWhGmsdOZwnPs6Ir'

How to manage EC2 instances

According to the following command, there are 286 cmdlets associated with managing Elastic Compute Cloud (EC2) in the current AWS Tools for PowerShell module:

Get-Command *EC2* | Measure-Object | Select-Object -Property Count

You can manage a lot with PowerShell when it comes to your EC2 instances. For example, you can create a new EC2 instance using a free tier AWS image.

New-EC2Instance -ImageId 'ami-04681a1dbd79675a5' -MinCount 1 -MaxCount 1 -KeyName test -InstanceType t2.micro

To see some information on that instance, you can use Get-EC2Instance.

Get-EC2Instance -InstanceId 'i-0fb1bc69ba6d4d747'
GroupNames    : {}
Groups        : {}
Instances     : {test}
OwnerId       : 648587338305
RequesterId   :
ReservationId : r-0a5b3badd7deab74d

By default, the Get-EC2Instance cmdlet does not provide much information. If you expand the Instances property, you can get more details.

Get-EC2Instance -InstanceId 'i-0fb1bc69ba6d4d747' | Select-Object -ExpandProperty instances | Select-Object *
Tag                    : {}
AmiLaunchIndex         : 0
Architecture           : x86_64
BlockDeviceMappings    : {/dev/xvda}
ClientToken            :
CpuOptions             : Amazon.EC2.Model.CpuOptions
EbsOptimized           : False
EnaSupport             : True
Hypervisor             : xen
IamInstanceProfile     :
ImageId                : ami-04681a1dbd79675a5
InstanceId             : i-0fb1bc69ba6d4d7475
InstanceLifecycle      :
InstanceType           : t2.micro
KernelId               :
KeyName                : test
LaunchTime             : 9/25/2018 6:20:06 AM
Monitoring             : Amazon.EC2.Model.Monitoring
NetworkInterfaces      : {ip-172-33-61-59.ec2.internal}
Placement              : Amazon.EC2.Model.Placement
Platform               :
PrivateDnsName         : ip-172-33-61-59.ec2.internal
PrivateIpAddress       : 172.33.61.59
ProductCodes           : {}
PublicDnsName          : ec2-54-144-194-165.compute-10.amazonaws.com
PublicIpAddress        : 54.149.194.170
RamdiskId              :
RootDeviceName         : /dev/xvda
RootDeviceType         : ebs
SecurityGroups         : {default}
SourceDestCheck        : True 
SpotInstanceRequestId  :
SriovNetSupport        :
State                  : Amazon.EC2.Model.InstanceState
StateReason            :
StateTransitionReason  :
SubnetId               : subnet-40d47c6a
Tags                   : {}
VirtualizationType     : hvm
VpcId                  : vpc-ebf3c18f 

To stop an EC2 instance, use the cmdlet Stop-EC2Instance. In this example, I pipe the output of my previous command:

Get-EC2Instance -InstanceId 'i-0fb1bc69ba6d4d745' | Stop-EC2Instance

Managing S3 buckets

The cmdlets in the AWS Tools for PowerShell module give users a way to interact with Simple Storage Service (S3) buckets, objects, access control lists and policies. For AWS beginners, S3 is the AWS storage service.

In this scenario, I am going to view my current S3 buckets, upload an object into one bucket, copy an object from one bucket to another and then remove that object.

To view all S3 buckets, you can use the Get-S3Bucket cmdlet.

Get-S3Bucket
CreationDate         BucketName
------------         ---------
3/12/2016 8:49:01 AM cf-templates-1mifia0ai0gnr-us-west-2
9/25/2018 6:49:51 AM dans-test-bucket-name         

To upload a local file called test.txt into the S3 bucket named dans-test-bucket-name, I run the following command:

Write-S3Object -BucketName dans-test-bucket-name -File C:\temp\test.txt -Verbose

VERBOSE: Performing the operation "Write-S3Object (PutObject)" on target "dans-test-bucket-name".                                            VERBOSE: Invoking Amazon S3 object upload APIs in region 'us-east-1'                              

To view the contents of my dans-test-bucket-name S3 bucket, I use the following command:

Get-S3Object -BucketName dans-test-bucket-name
ETag         : "d41d8cd98f00b204e9800998ecf8427e"
BucketName   : dans-test-bucket-name
Key          : test.txt
LastModified : 9/25/2018 7:37:38 AM
Owner        : Amazon.S3.Model.Owner
Size         : 0
StorageClass : STANDARD                                           

I can see my test.txt file in the S3 bucket.

Next, copy that test.txt file to another S3 bucket called dans-test-bucket-name-2. Specify the source and destination bucket and key, which in this case is the object to copy.

Copy-S3Object -BucketName dans-test-bucket-name -Key test.txt -DestinationBucket dans-test-bucket-name-2 -DestinationKey test.txt
ETag         : "d41d8cd98f00b204e9800998ecf8427e"
BucketName   : dans-test-bucket-name-2
Key          : test.txt
LastModified : 9/25/2018 7:42:45 AM
Owner        : Amazon.S3.Model.Owner
Size         : 0
StorageClass : STANDARD

Finally, to remove the object you copied, you can use the Remove-S3Object cmdlet.

Get-S3Object -BucketName dans-test-bucket-name-2 | Remove-S3Object
Confirm

Are you sure you want to perform this action?
Performing the operation "Remove-S3Object (DeleteObjects)" on target "".[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): a
DeleteMarker DeleteMarkerVersionId Key      VersionId
------------ --------------------- ---      ---------
False                              test.txt

Since Microsoft Azure rivals AWS, it may be surprising to see how much you can manage in AWS with PowerShell. Jeffrey Snover, the creator of PowerShell, often mentions that the new goal of the scripting and automation tool is to manage anything with PowerShell, from any hypervisor to any cloud, such as Hyper-V, VMware, Azure or AWS.

Although the AWS CLI is a favorite among AWS engineers and administrators, the AWS Tools for PowerShell module offers a comprehensive method to manage cloud services from Amazon.