AWS CLI

Check

aws --version

To show account, ARN and UserID for the AWS CLI connection...

aws sts get-caller-identity

Install

Linux

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
rm -rf aws
rm -f awscliv2.zip

Ubuntu

sudo apt install awscli
Note that this will likely install a back level version. For the latest version consider the curl install method above.

Windows

Download the install package and run it

https://stackoverflow.com/questions/32946050/ssl-certificate-verify-failed-in-aws-cli

Upgrade

Instructions below should be appropriate for all point releases of version 2 of the CLI. This should be reviewed on release of version 3.https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html

Linux

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
BIN_DIR=$(which aws | awk -F/aws '{ print $1 }')
INSTALL_DIR=$(ls -l $(which aws) | awk -F/v2 '{ print $1 }' | awk '{ print $11 }')
sudo ./aws/install --bin-dir ${BIN_DIR} --install-dir ${INSTALL_DIR} --update

Configure


You need to have an IAM user before you can configure AWS CLI. Once you can login to AWS select "My Security Credentials" from your account dropdown. If you already have an Access Key it will be shown in the "Access keys for CLI, SDK, & API access" section. Note that if you do not know the Secret Access Key associated with this Access Key then your only option is to create a new one (the Secret Access Key is not stored by AWS). You should delete the old key to avoid confusion.
If you have previously configured AWS CLI for your account on a different computer, the keys will be available in ~/.aws/credentials (C:\Users\USERNAME\.aws\credentials on Windows). For obvious reasons you should not configure AWS CLI access using your credentials from a shared account.
aws configure
AWS Access Key ID [None]: XXXXXXXXXX
AWS Secret Access Key [None]: XXXXXXXXXXXXXXXXXXXXXXX
Default region name [None]: eu-west-2
Default output format [None]: table
This information will be stored in ~/.aws/config and ~/.aws/credentials

Default output format can be:

  • json
  • yaml
  • text
  • table

If you need AWS CLI access to multiple AWS accounts then consider using a named Profile...

aws configure --profile profilename
This does require you to add --profile profilename to all aws commands you issue (where you can't use the default profile).

For one-off access to another AWS account (where you don't need the credentials permanently stored) you can set environment variables...

export AWS_ACCESS_KEY_ID=accesskey
export AWS_SECRET_ACCESS_KEY=secretaccesskey
export AWS_DEFAULT_REGION=region
You could set these in your .profile but, in general, it is best to store persistent settings in .aws/config and .aws/credentials where possible.

Getting Started

aws ec2 help

Several other pages in this documentation include examples of aws cli usage..

Uninstall

Linux

If installed using the curl/unzip method...

INSTALL_DIR=$(ls -l $(which aws) | awk -F/v2 '{ print $1 }' | awk '{ print $11 }')
echo ${INSTALL_DIR}
sudo rm $(which aws)
sudo rm $(which aws_completer)
rm -rf ${INSTALL_DIR}

If you installed with apt, use...

sudo apt remove awscli