AWS CLI Aliases

Posted on 4 mins read

Today I would like to share with you an AWS CLI feature that is not actually well known and not really well documented.

I use the AWS cli on a daily basis - pretty much every time I spend time in my terminal.

There are commands I use on a regular basis and some of them are repetitive - and also quite long to type out - and I wish that there was a way to alias a command in the AWS cli - it would make my life a lot easier.

There is!! Wait - what ???

I only found this out a few months ago thanks to a tweet that came across my feed from @jsaryer

It turns out that there is an AWS github repo from about 4 years ago - with an example (or two) of how to use an alias in the AWS cli.

If you would like to see how the command is built into the aws cli - you can have a look here. Support for aliases was added in this PR - and if you would like to see exactly what is supported - got through the PR.

Essentially - you create an alias file in ~/.aws/cli/alias and you populate it with the commands and shortcuts that you would like use.

Based on the information from the PR the alias file is an INI file, where you define the aliases and their values.

  • The ~/.aws/cli/alias file only has support for the [toplevel] section. Any other sections, will be ignored.
  • Aliases defined under the [toplevel] section will only be applied at the service command level.
  • Aliases can be defined using multiple lines for readability

Simple alias

Let’s have a look at a simple alias file. First you put in a declaration at the top of the file and your alias below that.

[toplevel]

whoami = sts get-caller-identity

This defines a new alias in your aws cli configuration that when you run:

aws whoami

It will automatically translate that alias to the following command:

aws sts get-caller-identity

The format for a simple alias would be:

<_alias_> = <_aws command_>

But it does not end there…

Functions and commands

Your alias can also contain a function - which is essentially a wrapper for a shell command and looks something like this

  !f() {
    <_ Enter some shell command here _>
  }; f

The function is wrapped with !f() { }; f.

What kind of things can you do with this functionality? Here are a few examples.

Get your current public IP address

myip =
  !f() {
    curl -s https://checkip.amazonaws.com
  }; f

Create a security group with your current public IP

allow-my-ip =
  !f() {
    my_ip=$(aws myip)
    aws ec2 authorize-security-group-ingress --group-name ${1} --protocol ${2} --port ${3} --cidr $my_ip/32
  }; f

You can see in the example above that you can reference previously defined aliases as well. I referenced the the myip alias and used in the allow-my-ip alias to create a security group with my current public IP address.

Running the command above requires 3 parameters

  1. Group name
  2. Protocol
  3. Port

The full command be:

aws allow-my-ip "My Security Group" tcp 22

Remove current public IP from security group

revoke-my-ip =
  !f() {
    my_ip=$(aws myip)
    aws ec2 revoke-security-group-ingress --group-name ${1} --protocol ${2} --port ${3} --cidr $my_ip/32
  }; f

This will remove the IP address rule (with the same 3 parameters used in the previous example)

Over the years, there have been a a number of people who created aliases - so I went on a search to collate them all into a single repository.

https://github.com/maishsk/aws-alias

Please feel free to submit a PR and contribute - if you have any useful aliases that you use in you daily adventures.