Effortlessly execute AWS CLI commands using natural language with Amazon Q Developer

Command-line tools are meant to simplify infrastructure and DevOps workflows, but the reality is often the opposite. Instead of speeding things up, the vast array of commands, flags, and syntax turns the CLI into a puzzle. Tools meant to enhance productivity have developers endlessly tab-switching between searches, forums, and docs just to find basic commands.

Much like learning a new language, mastering the CLI involves navigating intricate and unfamiliar syntax. In the real world, we have translators to help bridge communication gaps—and now, there’s Amazon Q Developer to do the same for your CLI.

In this post, we’ll guide you through setting up Amazon Q Developer on your command line and demonstrate how it simplifies complex tasks.

Make sure you have AWS CLI installed and configured to have a smooth experience as you go through this post.

To use Amazon Q Developer in your CLI, start by installing Amazon Q. Currently, Amazon Q’s CLI capability is only available for macOS and Linux users, so make sure you are on the right platform.

Using Amazon Q Developer requires you to have an AWS Builder ID or be part of an organization with an AWS IAM Identity Center instance set up.

We will be interacting with Amazon S3 and Amazon CloudFront, check that your AWS account has the necessary permissions:

s3:CreateBucket 
s3:PutObject 
s3:PutBucketPolicy 
cloudfront:CreateDistribution 
cloudfront:CreateOriginAccessControl 
cloudfront:GetDistributionConfig 
cloudfront:UpdateDistribution

Once you have these prerequisites in place, you’re ready to see how Amazon Q Developer can simplify your CLI workflow. Let’s get started.

Open a new terminal window, and type q translate, followed by a natural language prompt to execute a complex command. Amazon Q Developer will take your input and process it through a Large Language Model (LLM), generating the corresponding bash command.

Let’s start with something simple and fun: count down from 10 second by second in your terminal:

q translate “Count down from 10 second by second”

When you execute the command, you’ll see Amazon Q suggest an executable shell command with a few action items:

• Execute command: executes the proposed command immediately
• Edit command: allows you to modify the proposed command
• Regenerate answer: proposes another command
• Ask another question: allows you to enter a new prompt
• Cancel: exits the session

For now, we can just execute the command and see it in action:

Now that we’ve covered the basics, let’s get our hands dirty with something practical. In this tutorial, we’ll walk through creating a static website hosted on AWS, entirely using the command line.

Step 1: Create an S3 Bucket to Host the Website

Amazon S3 is great for static website hosting. First, we need to create an S3 bucket to store our website files. We can simply instruct Amazon Q Developer to “create an S3 bucket called ‘ai-generated-bucket’ on us-west-2”:

Note: that if you already have a bucket with the same name, feel free to change it to something else.

We can see that Amazon Q Developer has correctly generated the command:

 aws s3 mb s3://ai-generated-bucket —region us-west-2

If you see something that’s not quite right, you can try to “Edit command” or “Regenerate answer”. For now, we can just execute that generated command and verify in the AWS S3 console that the S3 bucket has indeed been created.

Step 2: Create an HTML File with “Hello World”

Now, we need to upload a basic HTML file to the bucket. Instead of manually writing it, we can let Amazon Q Developer guide us. Prompt:

q translate "Create a simple index.html file with 'Hello World' message"

Amazon Q Developer is suggesting echo '<h1>Hello World</h1>' > index.html, which looks good. We can go ahead execute that command.

Step 3: Upload the HTML File to S3

Now, we’ll upload the index.html file to the S3 bucket:

q translate "Upload index.html to the 'ai-generated-bucket' S3 bucket"

After executing the command, we can check on the Amazon S3 console to see we have successfully uploaded the index.html file to our bucket.

Step 4: Set up CloudFront distribution

By default, Amazon S3 blocks public access to your account and buckets. We recommend keeping Block Public Access enabled for production use cases and securely serve your site through Amazon CloudFront, a global Content Delivery Network (CDN) that securely delivers your content with low latency and high transfer speeds, making it ideal for hosting static websites.

Use Amazon Q Developer to create a CloudFront distribution for your S3 bucket:

q translate "Create a CloudFront distribution for my S3 bucket 'ai-generated-bucket'"

Hmm, that doesn’t look right. Amazon Q Developer is trying to supply —distribution-config with an unspecified configuration file. To fix this, you can either manually provide the CloudFront distribution configuration or we can push the limit of what Amazon Q Developer can do.

Let’s try to refine our prompt so that we don’t use the --distribution-config flag:

q translate "Create a CloudFront distribution for my S3 bucket 'ai-generated-bucket' without using the ‘—distribution-config' flag"

Much better! Looks like we need to replace the ‘X’s with an actual origin domain name. In our case, the S3 bucket origin uses the following format:

bucket-name.s3.amazonaws.com

Navigate to and toggle the Edit command option on your CLI, and replace the ‘X’s. In our case, the replacement value would be ai-generated-bucket.s3.amazonaws.com. Execute the command, and upon success, you should be able to see the CloudFront configuration printed on the console:

Copy the “Id” from the output, we will need it for the next step.

Step 5: Preparing for public access

We want to set index.html as our default root object for the CloudFront distribution we just created, this will ensure that when users access your website’s root URL, CloudFront automatically serves the index.html file without requiring the user to explicitly specify it in the URL.

q translate "Update my CloudFront distribution CLOUDFRONT_ID to have 'index.html' as default root object without using the --distribution-config flag"

Don’t forget to replace CLOUDFRONT_ID with the Id you retrieved from the previous step. Once you execute that command, you should see the CloudFront configuration printed on the console like the step above.

Now, to securely serve our HTML file to the public, we need to perform the following:

1. set up an Origin Access Control (OAC)
2. attach that OAC to our CloudFront distribution
3. update our S3 bucket policy

Let’s have Amazon Q generate an OAC for us:

q translate "Create an OAC named 'ai-generated-oac' for my CloudFront distribution CLOUDFRONT_ID"

When we execute the command, we get an error saying:

An error occurred (MalformedXML) when calling the CreateOriginAccessControl operation: 1 validation error detected: Value 'origin-access-identity' at 'originAccessControlConfig.originAccessControlOriginType' failed to satisfy constraint: Member must satisfy enum value set: [s3, lambda, mediastore, mediapackagev2]

It might be difficult to debug this error message without consulting the internet. Luckily, Amazon Q Developer offers another powerful capability, q chat, which is like a chatbot in your terminal. Let’s try it out to troubleshoot:

q chat "@history An error occurred (MalformedXML) when calling the CreateOriginAccessControl operation: 1 validation error detected: Value 'origin-access-identity' at 'originAccessControlConfig.originAccessControlOriginType' failed to satisfy constraint: Member must satisfy enum value set: [s3, lambda, mediastore, mediapackagev2]. Help me resolve this error"

Note that I included @history in the prompt to pass our shell history to Amazon Q so it can respond based on the context provided.

We get a detailed AI generated response on our terminal with step by step instructions and citations! By using the @history tag, Amazon Q Developer knows to relate the error message to the correct shell command we executed (we can see that it knows we want to create an OAC with name ai-generated-oac without us explicitly telling it so).

Let’s try executing the revised bash command:

aws cloudfront create-origin-access-control \
    --origin-access-control-config \
    Name=ai-generated-oac,\
    OriginAccessControlOriginType=s3,\
    SigningBehavior=always,\
    SigningProtocol=sigv4

This time, it succeeded:

Take a note of the Id field, we will need it later.

We can now ask q chat about how to attach the generated OAC to our CloudFront distribution:

q chat "@history Update my CloudFront distribution CLOUDFRONT_ID with the OAC we just generated, be specific"

Notice how @history even helps Amazon Q fill in CLOUDFRONT_ID for me!

We just need to follow the instruction and once we completed the last step, we should see an updated CloudFront distribution in our console output:

It shows a “Status” of “InProgress”. To proceed to the next step, we will need to wait for CloudFront to finish deployment. Let’s ask Amazon Q Developer how to get the latest status:

q translate "Get the status of my CloudFront distribution with CLOUDFRONT_ID on us-west-2"

Replace $CLOUDFRONT_ID with your own and execute the command to get the latest status. It might take a few minutes, it’s time to grab a coffee or go for a short walk!

Once the status is Deployed, we can go ahead and update our S3 bucket policy to give public read access to our CloudFront distribution:

You can see we are using a very vague prompt but @history made sure that Amazon Q has enough context to generate helpful responses.

Simply follow the instruction and we’re ready to access the site!

Step 6: Access the site 🎉

Let’s get the public URL of our CloudFront distribution.

Once you get the URL, you can open it in a browser, and it should show “Hello World”!

In this post, we’ve successfully:

1. Created an S3 bucket to host our website files
2. Generated a simple HTML file with a “Hello World” message
3. Uploaded the HTML file to our S3 bucket
4. Created a CloudFront distribution to serve our website securely
5. Set up an Origin Access Control (OAC) for our CloudFront distribution
6. Updated our S3 bucket policy to allow access from CloudFront
7. Accessed our website through the CloudFront URL

All of these steps were accomplished on our terminal using Amazon Q Developer on the CLI.

You’ve seen how effortlessly complex CLI commands can be translated into natural language, making AWS more accessible than ever. But this is just the start. As your needs grow, Amazon Q scales with you, delivering faster deployments, enhanced productivity, and seamless access to the full AWS ecosystem.

We encourage you to explore AWS services you haven’t yet tried, with Amazon Q Developer simplifying the process every step of the way. Let it streamline your workflow and unlock new opportunities to innovate and grow.