Getting started with Amazon AWS and Boto3

If you are starting from scratch with using Python and Boto3 to script and automate Amazon AWS environments, then this should help get you going.

To begin, you’ll need a few items:
1) Download and install the latest Amazon AwsCli. The is the Command Line client for AWS.
2) You will need credentials for an Amazon AWS environment of course. There are lot’s of articles on how to setup AWS CLI with an AWS account.
3) Download and install the latest Python Release from python.org. For these examples I’m using Python 3.5.2.
4) You will need to ‘pip install boto3’ in a Python environment. You can do this from command line. I recommend creating a Virtual Environment for AWS-Boto3 to keep packages separate.
5) If you’ve never used a Python IDE before, try the free Pycharms Community Edition. I use it and it really helps speed up your coding.

At this point, you should have a working AWS CLI, Python Intepreter, and have pip installed the boto3 library.

It’s a good idea to keep the boto3 documentation handy in another browser tab. Because of how boto3 works, there is no premade library and, when working in pycharms, no autocomplete. Having the docs available to reference the objects and methods saves a lot of time.

In my experience with Boto3, there resources and there are clients.

import boto3
ec2 = boto3.resource('ec2')
ec2client = boto3.client('ec2')

I use the resource to get information or take action on a specific item. I think of it as being at a ‘higher’ level than the client. When using the boto3 resource, you usually have to provide an id of the item. For example:

import boto3
ec2 = boto3.resource('ec2')
vpc = ec2.Vpc('vpc-12345678')

There is usually no searching or enumerating items at the resource level. Now that the class vpc is defined, you can look at the attributes, references, or collections. You will also have a series of actions you can perform on the item.

# Attributes
print(vpc.cidr_block)
print(vpc.state)
# Actions
vpc.attach_internet_gateway(InternetGatewayId="igw-123456")
vpc.delete()
# Collections
vpclist = vpc.instances.all()
for instance in vpclist:
    print(instance)

When using a client instead of a resource, you get a level of control over AWS items that is very close to the AWS CLI interface. With the client, you get more detail, can search, and can get very granular in your filters and tasks. Almost every resource has a client available.
For example:

import boto3
# Ec2
ec2 = boto3.resource('ec2')
ec2client = boto3.client('ec2')
# S3
s3 = boto3.resource('s3')
s3client = boto3.client('s3')

One of the most useful benefits of using a client is that you can describe the AWS items in that resource, you can filter or iterate for specific items, and manipulate or take actions on those items.
In the VPC example above, when defining the VPC resource, we needed to know the ID of the vpc. With a client, you can list all the items and find the one you want.

import boto3
ec2 = boto3.resource('ec2')
ec2client = boto3.client('ec2')
response = ec2client.describe_vpcs()
print(response)

What you get back is a dictionary with the important item called “Vpcs”. This dictionary item is the output containing all the VPCs. (We could expect this from the Boto3 docs).
So let’s list out all the VPCs from the response

import boto3
ec2 = boto3.resource('ec2')
ec2client = boto3.client('ec2')
response = ec2client.describe_vpcs()
print(response)
for vpc in response["Vpcs"]:
    print(vpc)

Now you can see how it starts to break down into the info you want. Here you can see a list of dictionaries from the Vpc.
Next, lets get to the individual items of each VPC.

import boto3
ec2 = boto3.resource('ec2')
ec2client = boto3.client('ec2')
response = ec2client.describe_vpcs()
for vpc in response["Vpcs"]:
    print("VpcId = " + vpc["VpcId"] + " uses Cidr of " + vpc["CidrBlock"])

That’s the very basics of it. Post any questions in the comments below. And I’ll be adding more posts on Boto3 in the coming days and weeks.

Tagged , , , . Bookmark the permalink.

6 Responses to Getting started with Amazon AWS and Boto3

  1. Paul Smart says:

    When I try this:

    import boto3
    ec2 = boto3.resource(‘ec2’)
    ec2client = ec2.client(‘ec2’)
    response = ec2client.describe_vpcs()
    print(response)

    I get this:

    AttributeErrorTraceback (most recent call last)
    in ()
    1 import boto3
    2 ec2 = boto3.resource(‘ec2’)
    —-> 3 ec2client = ec2.client(‘ec2’)
    4 response = ec2client.describe_vpcs()
    5 print(response)

    AttributeError: ‘ec2.ServiceResource’ object has no attribute ‘client’

    Do you have any idea why that might be please?

    • mike says:

      Sorry – Had a typo in the article.

      That line should read ec2client = boto3.client(‘ec2’)

      I corrected the post as well.

    • Paul, in line 3, the client function should be applied to the boto3 library, not the ec2 object you just created.

      The code should be:

      ec2client = boto3.client(‘ec2’)

      The same applies to the other calls on the client function as well.

      Hope that helps!

  2. Lukes says:

    ec2client = boto3.client(‘ec2’)

  3. Rodney Bizzell says:

    I would you list eni and or only list eni that aren’t associated with an instance. I can’t find any example anywhere for this.

    • mike says:

      You can use the ec2 client method describe_network_interfaces()

      The response will include a list of network IDs. You can iterate over the list (pagination may be needed) and inspect each id for an attachment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Solve : *
15 + 23 =