Are you new to AWS Cloud or tired of managing your AWS Cloud infrastructure using manual steps back and forth? If yes, you should consider installing AWS Command Line Interface (AWS CLI ) and managing infrastructure using it?
In this tutorial, you will learn how to install AWS CLI Version 2 and set up AWS credentials in the AWS CLI tool.
Let’s dive into it.
Table of Content
- What is AWS CLI?
- Installing AWS CLI Version 2 on windows machine
- Creating an IAM user in AWS account with programmatic access
- Configure AWS credentials using aws configure
- Verify aws configure from AWS CLI by running a simple commands
- Configuring AWS credentials using Named profile.
- Verify Named profile from AWS CLI by running a simple commands.
- Configuring AWS credentials using environment variable
What is AWS CLI?
AWS CLI enables you to interact and provides direct access to the public APIs of AWS services of various AWS accounts using the command-line shells from your local environment or remotely.
You can control multiple AWS services from the AWS CLI and automate them through scripts. You can run AWS CLI commands from a Linux shell such as bash, zsh, tcsh, and from a Windows machine, you can use command prompt or PowerShell to execute AWS CLI commands.
The AWS CLI is available in two versions, and the installation is exactly the same for both versions but in this tutorial, let’s learn how to install AWS CLI version 2.
Installing AWS CLI Version 2 on windows machine
Now that you have a basic idea about AWS CLI and connecting to AWS services using various command prompt and shells. Further in this section, let’s learn how to install AWS CLI Version 2 on a windows machine.
- First open your favorite browser and download the AWS CLI on windows machine from here
- Next, select the I accept the terms and Licence Agreement and then click on the next button.
- Further, on Custom setup page provide the location of installation path and then click on Next button.
- Now, click on the Install button to install AWS CLI version 2.
- Finally click on Finish button as shown below.
- Verify the AWS version by going to command prompt and run the below command.
As you can see below, the AWS CLI version 2 is successfully installed on a windows machine.
Creating an IAM user in AWS account with programmatic access
There are two ways to connect to an AWS account, the first is providing a username and password on the AWS login page and another is configuring the Access key ID and secret keys of IAM users in AWS CLI to connect programmatically.
Earlier, you installed AWS CLI successfully on a Windows machine, but you will need an IAM user with programmatic access to run commands from it.
Let’s learn how to create an IAM user in an AWS account with programmatic access, Access key ID, and secret keys.
- Open your favorite web browser and navigate to the AWS Management Console and log in.
- While in the Console, click on the search bar at the top, search for ‘IAM’, and click on the IAM menu item.
- To Create a user click on Users→ Add user and provide the name of the user
myuserand make sure to tick the Programmatic access checkbox in Access type which enables an access key ID and secret access key and then hit the Permissions button.
- Now select the “Attach existing policies directly” option in the set permissions and look for the “Administrator” policy using filter policies in the search box. This policy will allow
myuserto have full access to AWS services.
- Finally click on Create user.
- Now, the user is created successfully and you will see an option to download a .csv file. Download this file which contains IAM users i.e.
myuserAccess key ID and Secret access key which you will use later in the tutorial to connect to AWS service from your local machine.
Configure AWS credentials using aws configure in AWS CLI
You are an IAM user with Access key ID and secret keys, but AWS CLI cannot perform anything unless you configure AWS credentials. Once you configure the credentials, AWS CLI allows you to connect to the AWS account and execute commands.
- Configure AWS Credentials by running the aws configure command on command prompt.
- Enter the details such as AWS Access key ID, Secret Access Key, region. You can skip the output format as default or text or json .
- Once AWS is configured successfully , verify by navigating to C:\Users\YOUR_USER\.aws and see if two file credentials and config are present.
- Now open both the files and verify and you can see below you’re AWS credentials are configured successfully using
Verify aws configure from AWS CLI by running a simple commands
Now, you can test if AWS Access key ID, Secret Access Key, region you configured in AWS CLI is working fine by going to command prompt and running the following commands.
aws ec2 describe-instances
- You can also verify the AWS CLI by listing the buckets in your acount by running the below command.
aws cli s3
Configuring AWS credentials using Named profile.
Another method to configure AWS credentials that are mostly used is configuring the Named profile. A named profile is a collection of settings and credentials that you can apply to an AWS CLI command. When you specify a profile to run a command, the settings and credentials are used to run that command. Let’s learn how to store named profiles.
- Open credentials files which got created earlier using aws configure and if not then create a file named credentails in C:\Users\your_profile\.aws directory of your windows machine.
- Add all the Access key ID and Secret access key into the credentials file in the below format and save. By defining the Named profile allows you to connect with different AWS account easily and avoiding confusion while connecting to specific AWS accounts.
- Similarly, create another file config in the
- Next, add the “region” into the config file and make sure to add the name of the profile which you provided in the credentials file, and save the file. This file allows you to work with a specific region.
- For Linux and mac machine the location of credential file is
- For windows machine the location of config file is
Verifying Named profile from AWS CLI
Previously you configured the Named profile on your machine, but let’s verify the Named profile from AWS CLI by running a simple command. Let’s open the command prompt and run the below command to verify the sandbox profile that you created earlier.
aws ec2 describe-instances --profile sandbox
As you can see below, the instance is described properly using the command with Named profile shows Named profile is configured successfully.
Configuring AWS credentials using the environment variable
Finally, the last Configuring AWS credentials using the environment variables works well. Let’s check out quickly.
- Open the command prompt and set the AWS secret key and access key using the environmental variable using
set. The enviornment variables doesnt changes the value until the end of the current command prompt session, or until you set the variable to a different value
AWS CLI Error (ImportError: cannot import name ‘docevents’ from ‘botocore.docs.bcdoc’) and Solution
If you face any issues in AWS CLI related to python or any file then use the below command.
pip3 install --upgrade awscli
In this tutorial, you learned What is AWS CLI, how to install AWS CLI version 2, and various methods that allow you to configure AWS credentials and then work with AWS CLI.
So which method are you going to use while using AWS CLI to connect and manage AWS infrastructure?