AWS CLI

Cloud

AWS

AWS CLI

IAM User

Check

aws --version

To show account, ARN and UserID for the AWS CLI connection...

aws sts get-caller-identity

Install

Linux

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

unzip awscliv2.zip

sudo ./aws/install

rm -rf aws

rm -f awscliv2.zip

Ubuntu

sudo apt install awscli

Note that this will likely install a back level version. For the latest version consider the curl install method above.

Windows

Download the install package and run it

https://stackoverflow.com/questions/32946050/ssl-certificate-verify-failed-in-aws-cli

curl

Upgrade

Instructions below should be appropriate for all point releases of version 2 of the CLI. This should be reviewed on release of version 3.https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html

Linux

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

unzip awscliv2.zip

BIN_DIR=$(which aws | awk -F/aws '{ print $1 }')

INSTALL_DIR=$(ls -l $(which aws) | awk -F/v2 '{ print $1 }' | awk '{ print $11 }')

sudo ./aws/install --bin-dir ${BIN_DIR} --install-dir ${INSTALL_DIR} --update

Configure

You need to have an IAM user before you can configure AWS CLI. Once you can login to AWS select "My Security Credentials" from your account dropdown. If you already have an Access Key it will be shown in the "Access keys for CLI, SDK, & API access" section. Note that if you do not know the Secret Access Key associated with this Access Key then your only option is to create a new one (the Secret Access Key is not stored by AWS). You should delete the old key to avoid confusion.
If you have previously configured AWS CLI for your account on a different computer, the keys will be available in ~/.aws/credentials (C:\Users\USERNAME\.aws\credentials on Windows). For obvious reasons you should not configure AWS CLI access using your credentials from a shared account.

aws configure

AWS Access Key ID [None]: XXXXXXXXXX

AWS Secret Access Key [None]: XXXXXXXXXXXXXXXXXXXXXXX

Default region name [None]: eu-west-2

Default output format [None]: table

This information will be stored in ~/.aws/config and ~/.aws/credentials

Default output format can be:

json
yaml
text
table

If you need AWS CLI access to multiple AWS accounts then consider using a named Profile...

aws configure --profile profilename

This does require you to add --profile profilename to all aws commands you issue (where you can't use the default profile).

For one-off access to another AWS account (where you don't need the credentials permanently stored) you can set environment variables...

export AWS_ACCESS_KEY_ID=accesskey

export AWS_SECRET_ACCESS_KEY=secretaccesskey

export AWS_DEFAULT_REGION=region

You could set these in your .profile but, in general, it is best to store persistent settings in .aws/config and .aws/credentials where possible.

Getting Started

aws ec2 help

Several other pages in this documentation include examples of aws cli usage..

Uninstall

Linux

If installed using the curl/unzip method...

INSTALL_DIR=$(ls -l $(which aws) | awk -F/v2 '{ print $1 }' | awk '{ print $11 }')

echo ${INSTALL_DIR}

sudo rm $(which aws)

sudo rm $(which aws_completer)

rm -rf ${INSTALL_DIR}

If you installed with apt, use...

sudo apt remove awscli

Bibliography

https://aws.amazon.com/cli/ https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.htmlhttps://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.htmlhttps://awscli.amazonaws.com/v2/documentation/api/latest/reference/configure/index.htmlhttps://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.htmlhttps://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.htmlhttps://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html
https://github.com/awslabs/aws-shell
https://stackoverflow.com/questions/32946050/ssl-certificate-verify-failed-in-aws-cli

Page updated

Google Sites

Report abuse