Customize AWS CLI
AWS CLI (AWS Command Line Interface) — A command line interface for working with AWS services.
Use the AWS CLI to work with the logging platform: retrieve events, event streams, and log groups.
- Create a service user.
- Issue an S3 key to the user.
- Install the client.
- Configure the AWS CLI configuration.
1. Create a service user
Create a service user with the role of Project Administrator or Project Supervisor. role Account Owner or User Administrator.
2. Issue an S3 key to the user
Control panel users can issue their own S3 keys on their own, but we recommend to create service users and use keys together with them.
Only the Account Owner or User Administrator can issue S3 keys to other users.A service user cannot get an S3 key by himself because he does not have access to the control panel — he must be issued a key by the Account Owner or User Administrator.
A separate key must be created for each project.Multiple keys can be issued for one project.
-
In the control panel, on the top menu, click Account.
-
Go to the section with the desired user type:
- Users — for the users of the control panel;
- Service users — For service users.
-
Open the user page → Access tab.
-
In the S3 keys block, click Add Key.
-
Enter the name of the key.
-
Select the project for which the key will work.
-
Click Generate. Two values will be generated:
- Access key — Access Key ID, key identifier;
- Secret key — Secret Access Key, secret key.
-
Click Copy and save the key — it cannot be viewed after the window is closed.
3. Install the client
Use the instructions Install or update to the latest version of the AWS CLI documentation from Amazon.
4. Configure AWS CLI configurations
-
Open the terminal.
-
Open the configuration mode:
aws configure
-
Enter the
AWS Access Key ID,
which is the value of the Access key field from the S3 key. -
Enter
AWS Secret Access Key
— the value of the Secret key field from the S3 key. -
Enter
Default region name
— the pool where the logging platform is located (for example,ru-8
). -
Enter
Default output format
or leave blank. -
The settings will be saved in the configuration files:
- credentials in
.aws/credentials
; - pool in
~/.aws/config
.
- credentials in
-
In the
~/.aws/config
file add theendpoint_url
parameter, specify the address of the logging platform in the desired pool as the value, you can look in the URL list:[default]
region = ru-8
endpoint_url = https://ru-8.logs.selcloud.ru