アプリとサービスのすすめ

アプリやIT系のサービスを中心に書いていきます。たまに副業やビジネス関係の情報なども気ままにつづります

AWSCLIコマンドの install 方法メモ【2023/03】

2023年3月時点での AWS CLI のインストール方法のメモ



目次
1. MacでAWSCLIをinstall
2. ubuntuでAWSCLIをinstall
追記:Ubuntu での AWS IoT 関係の準備(AWS IoT Device Client を download & build)


1. MacでAWSCLIをinstall

docs.aws.amazon.com

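# Install AWS CLI v2 on macOS from the official pkg.
# -f makes curl fail on an HTTP error instead of saving the error page as the pkg.
curl -f "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
# The pkg is installed as root, so check its signature first and read the printed
# signer before continuing; the installer only runs if the check succeeds.
pkgutil --check-signature AWSCLIV2.pkg &&
  sudo installer -pkg AWSCLIV2.pkg -target /
# Output:
#installer: Package name is AWS Command Line Interface
#installer: Installing at base path /
#installer: The install was successful.

# Check the path and the version.
command -v aws
# /usr/local/bin/aws
aws --version
# aws-cli/2.11.4 Python/3.11.2 Darwin/22.2.0 exe/x86_64 prompt/off
# Configure the access key.
# `aws configure` stores the key pair in plaintext under ~/.aws/credentials, so use a
# least-privilege IAM user, or short-lived credentials (e.g. `aws configure sso`)
# where they are available.
aws configure
# AWS Access Key ID [None]: *****
# AWS Secret Access Key [None]: *******
# Default region name [None]: ap-northeast-1
# Default output format [None]: json
# Uninstall (only when removing the CLI).
# NOTE(review): the v2 pkg installer usually places its files in /usr/local/aws-cli;
# confirm the real location with `ls -l /usr/local/bin/aws` before deleting.
sudo rm -rf /usr/local/aws
sudo rm /usr/local/bin/aws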


2. ubuntuでAWSCLIをinstall

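# Bring the base system up to date (package management needs root, so use sudo
# consistently with the reboot below).
sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get -y autoremove
# Manual step: the session ends here; continue with the commands below after the reboot.
sudo reboot

# Install the required packages.
sudo apt-get -y install build-essential libssl-dev cmake unzip git python3-pip
gcc --version  # > 9.3.0
cmake --version # > 3.10.x
openssl version # > 1.1.1
git --version  # > 2.20.1

# Version pins for cryptography / pyOpenSSL; see
# https://github.com/pyca/cryptography/issues/7959
# NOTE(review): pinned releases do not pick up later security fixes; lift the pins
# once the linked issue no longer applies to this environment.
pip3 install cryptography==39.0.0
# -y: do not stop for the interactive confirmation prompt.
pip3 uninstall -y pyOpenSSL
pip3 install pyOpenSSL==22.1.0
# Install from the git repository.
export PATH="$PATH:$HOME/.local/bin"
# v2 is a moving branch, so the installed code depends on the day of the clone; for a
# reproducible install check out a release tag instead (git checkout <RELEASE_TAG>).
git clone https://github.com/aws/aws-cli.git && cd aws-cli && git checkout v2
pip3 install -r requirements.txt
pip3 install .

aws --version
# > 2.2
# aws-cli/2.11.4 Python/3.8.10 Linux/5.15.0-60-generic source/x86_64.ubuntu.20 prompt/off
# Configure the access key.
# `aws configure` stores the key pair in plaintext under ~/.aws/credentials, so use a
# least-privilege IAM user and keep that file readable by the owner only.
aws configure
#AWS Access Key ID [None]: *********
#AWS Secret Access Key [None]: ********
#Default region name [None]: ap-northeast-1
#Default output format [None]: json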

追記:Ubuntu での AWS IoT 関係の準備(AWS IoT Device Client を download & build)

docs.aws.amazon.com


証明書(certificate)の作成

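# Download the Amazon root CA certificate (referenced later as "root-ca" in the
# device client configuration).
# -p keeps the step re-runnable; -f makes curl fail on an HTTP error instead of
# saving an error page as the PEM file.
mkdir -p ~/certs
curl -f -o ~/certs/AmazonRootCA1.pem https://www.amazontrust.com/repository/AmazonRootCA1.pem
#  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
#                                 Dload  Upload   Total   Spent    Left  Speed
#100  1188  100  1188    0     0  15631      0 --:--:-- --:--:-- --:--:-- 15631
# 745 on the home directory lets other local accounts list and enter it; ~/certs is
# still protected by its own 700 mode.
# NOTE(review): confirm 745 is acceptable on a multi-user host.
chmod 745 ~
chmod 700 ~/certs
chmod 644 ~/certs/AmazonRootCA1.pem
ls -l ~/certs
# total 4
# -rw-r--r-- 1 hagi hagi 1188 Mar 21 22:51 AmazonRootCA1.pem
# Download and build the AWS IoT Device Client.
# The clone takes whatever the default branch holds at that moment; for a reproducible
# build check out a release tag or commit afterwards (git checkout <RELEASE_TAG>).
cd ~
git clone https://github.com/awslabs/aws-iot-device-client aws-iot-device-client
mkdir -p ~/aws-iot-device-client/build && cd ~/aws-iot-device-client/build
cmake ../
cmake --build . --target aws-iot-device-client
./aws-iot-device-client --help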

>>>>>
(証明書とキーペアを作成したときの出力例。PrivateKey が返されるのはこの作成時だけなので、実際の値は公開せず、~/certs/testconn/private.pem.key のように権限 600 のファイルに保存する。以下の値はマスクしてある)
{
    "certificateArn": "arn:aws:iot:ap-northeast-1:980023311172:cert/9c84a36ba2bcf5accf3ae7058032410515a237bd580b5037ced2d67857c8dfbc",
    "certificateId": "9c84a36ba2bcf5accf3ae7058032410515a237bd580b5037ced2d67857c8dfbc",
    "certificatePem": "-----BEGIN CERTIFICATE-----\n*****==\n-----END CERTIFICATE-----\n",
    "keyPair": {
        "PublicKey": "-----BEGIN PUBLIC KEY-----\n********\n-----END PUBLIC KEY-----\n",
        "PrivateKey": "-----BEGIN RSA PRIVATE KEY-----\n****==\n-----END RSA PRIVATE KEY-----\n"
    }
}


チュートリアルで使用するディレクトリを作成する

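# Working directories for the tutorial (-p keeps the step re-runnable).
mkdir -p ~/dc-configs ~/policies ~/messages
mkdir -p ~/certs/testconn ~/certs/pubsub ~/certs/jobs

# Credential directories: owner-only access.
chmod 745 ~
chmod 700 ~/certs/testconn ~/certs/pubsub ~/certs/jobs

# File modes for the test-connection credentials. The files are named explicitly
# instead of using a glob, so the private key is never widened to 644, even briefly.
chmod 600 ~/certs/testconn/private.pem.key
chmod 644 ~/certs/testconn/device.pem.crt ~/certs/testconn/public.pem.key

ls -l ~/certs/testconn
#total 12
#-rw-r--r-- 1 hagi hagi 1224 Mar 21 23:00 device.pem.crt
#-rw------- 1 hagi hagi 1675 Mar 21 23:00 private.pem.key
#-rw-r--r-- 1 hagi hagi  451 Mar 21 23:00 public.pem.key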

AWS IoT リソースの作成

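# Look up the AWS IoT data endpoint.
aws iot describe-endpoint --endpoint-type IoT:Data-ATS
#{
#    "endpointAddress": "a3phz77nfdgsr1-ats.iot.ap-northeast-1.amazonaws.com"
#}
# Create the thing.
aws iot create-thing --thing-name "DevCliTestThing"
#{
#    "thingName": "DevCliTestThing",
#    "thingArn": "arn:aws:iot:ap-northeast-1:980023311172:thing/DevCliTestThing",
#    "thingId": "c6187956-ef7a-4143-b5dc-6b518d5866df"
#}
# Create the JSON file for the policy; its contents are the JSON document that follows.
# That document allows iot:Publish/Subscribe/Receive/Connect on Resource "*", i.e. on
# every topic and client ID. That is fine for a throwaway test thing; scope Resource
# to specific client and topic ARNs before reusing the policy elsewhere.
vi ~/policies/dev_cli_test_thing_policy.json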

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iot:Publish",
                "iot:Subscribe",
                "iot:Receive",
                "iot:Connect"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}
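# Create the AWS IoT policy from the JSON file.
# The "~" sits inside quotes, so the shell does not expand it.
# NOTE(review): this relies on the AWS CLI expanding "~" in file:// paths itself - confirm.
aws iot create-policy \
  --policy-name "DevCliTestThingPolicy" \
  --policy-document "file://~/policies/dev_cli_test_thing_policy.json"
#{
#    "policyName": "DevCliTestThingPolicy",
#    "policyArn": "arn:aws:iot:ap-northeast-1:980023311172:policy/DevCliTestThingPolicy",
#    "policyDocument": "{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"iot:Publish\",\n                \"iot:Subscribe\",\n                \"iot:Receive\",\n                \"iot:Connect\"\n            ],\n            \"Resource\": [\n                \"*\"\n            ]\n        }\n    ]\n}\n",
#    "policyVersionId": "1"
#}
# Replace this value with the certificateArn saved when the certificate was created.
certificateArn="arn:aws:iot:ap-northeast-1:980023311172:cert/9c84a36ba2bcf5accf3ae7058032410515a237bd580b5037ced2d67857c8dfbc"
# Attach the policy to the device certificate.
# The variable is quoted so an empty or malformed value fails as one bad argument
# instead of being word-split by the shell.
aws iot attach-policy \
  --policy-name "DevCliTestThingPolicy" \
  --target "$certificateArn"

# Attach the device certificate to the AWS IoT thing resource.
aws iot attach-thing-principal \
  --thing-name "DevCliTestThing" \
  --principal "$certificateArn"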

設定ファイルを作成

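# Directory for the device client configuration files.
# -p: the directory may already exist from the earlier directory-setup step, and a
# plain mkdir would fail in that case.
mkdir -p ~/dc-configs
chmod 745 ~/dc-configs
# Create the configuration JSON file; its contents are the JSON document that follows.
vi ~/dc-configs/dc-testconn-config.json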

{
  "endpoint": "a3phz77nfdgsr1-ats.iot.ap-northeast-1.amazonaws.com",
  "cert": "~/certs/testconn/device.pem.crt",
  "key": "~/certs/testconn/private.pem.key",
  "root-ca": "~/certs/AmazonRootCA1.pem",
  "thing-name": "DevCliTestThing",
  "logging": {
    "enable-sdk-logging": true,
    "level": "DEBUG",
    "type": "STDOUT",
    "file": ""
  },
  "jobs": {
    "enabled": false,
    "handler-directory": ""
  },
  "tunneling": {
    "enabled": false
  },
  "device-defender": {
    "enabled": false,
    "interval": 300
  },
  "fleet-provisioning": {
    "enabled": false,
    "template-name": "",
    "template-parameters": "",
    "csr-file": "",
    "device-key": ""
  },
  "samples": {
    "pub-sub": {
      "enabled": true,
      "publish-topic": "test/dc/pubtopic",
      "publish-file": "",
      "subscribe-topic": "test/dc/subtopic",
      "subscribe-file": ""
    }
  },
  "config-shadow": {
    "enabled": false
  },
  "sample-shadow": {
    "enabled": false,
    "shadow-name": "",
    "shadow-input-file": "",
    "shadow-output-file": ""
  }
}

# Owner read/write, everyone else read-only. The configuration shown on this page
# holds paths to the key material, not the key itself.
chmod 644 -- "$HOME/dc-configs/dc-testconn-config.json"

AWS IoT Device Client を実行する

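# Run the device client with the test-connection configuration.
# The && keeps ./aws-iot-device-client from being resolved against some other
# working directory when the cd fails (for example, if the build did not complete).
cd "$HOME/aws-iot-device-client/build" &&
  ./aws-iot-device-client --config-file "$HOME/dc-configs/dc-testconn-config.json"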