If you are starting from scratch with using Python and Boto3 to script and automate Amazon AWS environments, then this should help get you going.
To begin, you’ll need a few items:
1) Download and install the latest Amazon AwsCli. The is the Command Line client for AWS.
2) You will need credentials for an Amazon AWS environment of course. There are lot’s of articles on how to setup AWS CLI with an AWS account.
3) Download and install the latest Python Release from python.org. For these examples I’m using Python 3.5.2.
4) You will need to ‘pip install boto3’ in a Python environment. You can do this from command line. I recommend creating a Virtual Environment for AWS-Boto3 to keep packages separate.
5) If you’ve never used a Python IDE before, try the free Pycharms Community Edition. I use it and it really helps speed up your coding.
At this point, you should have a working AWS CLI, Python Intepreter, and have pip installed the boto3 library.
It’s a good idea to keep the boto3 documentation handy in another browser tab. Because of how boto3 works, there is no premade library and, when working in pycharms, no autocomplete. Having the docs available to reference the objects and methods saves a lot of time.
In my experience with Boto3, there resources and there are clients.
import boto3 ec2 = boto3.resource('ec2') ec2client = boto3.client('ec2')
I use the resource to get information or take action on a specific item. I think of it as being at a ‘higher’ level than the client. When using the boto3 resource, you usually have to provide an id of the item. For example:
import boto3 ec2 = boto3.resource('ec2') vpc = ec2.Vpc('vpc-12345678')
There is usually no searching or enumerating items at the resource level. Now that the class vpc is defined, you can look at the attributes, references, or collections. You will also have a series of actions you can perform on the item.
# Attributes print(vpc.cidr_block) print(vpc.state) # Actions vpc.attach_internet_gateway(InternetGatewayId="igw-123456") vpc.delete() # Collections vpclist = vpc.instances.all() for instance in vpclist: print(instance)
When using a client instead of a resource, you get a level of control over AWS items that is very close to the AWS CLI interface. With the client, you get more detail, can search, and can get very granular in your filters and tasks. Almost every resource has a client available.
import boto3 # Ec2 ec2 = boto3.resource('ec2') ec2client = boto3.client('ec2') # S3 s3 = boto3.resource('s3') s3client = boto3.client('s3')
One of the most useful benefits of using a client is that you can describe the AWS items in that resource, you can filter or iterate for specific items, and manipulate or take actions on those items.
In the VPC example above, when defining the VPC resource, we needed to know the ID of the vpc. With a client, you can list all the items and find the one you want.
import boto3 ec2 = boto3.resource('ec2') ec2client = boto3.client('ec2') response = ec2client.describe_vpcs() print(response)
What you get back is a dictionary with the important item called “Vpcs”. This dictionary item is the output containing all the VPCs. (We could expect this from the Boto3 docs).
So let’s list out all the VPCs from the response
import boto3 ec2 = boto3.resource('ec2') ec2client = boto3.client('ec2')) response = ec2client.describe_vpcs() print(response) for vpc in response["Vpcs"]: print(vpc)
Now you can see how it starts to break down into the info you want. Here you can see a list of dictionaries from the Vpc.
Next, lets get to the individual items of each VPC.
import boto3 ec2 = boto3.resource('ec2') ec2client = boto3.client('ec2') response = ec2client.describe_vpcs() for vpc in response["Vpcs"]: print("VpcId = " + vpc["VpcId"] + " uses Cidr of " + vpc["CidrBlock"])
That’s the very basics of it. Post any questions in the comments below. And I’ll be adding more posts on Boto3 in the coming days and weeks.