AWS CLI that is AWS Command Line Interface that enables you to interact with AWS services in various AWS accounts using commands in your command-line shell from your local environment or remotely. The AWS CLI provides direct access to the public APIs of AWS services.
You can control multiple AWS services from the command line and automate them through scripts. You can run AWS CLI commands from Linux shell such as
tcsh and from windows machine you can use
command prompt or
PowerShell to execute AWS CLI commands.
The AWS CLI is available in two versions but lets learn how to install
AWS CLI version 2.
Table of Contents
- Installing AWS CLI Version 2 on windows machine
- Creating an IAM user in AWS account with programmatic access
- Configure AWS credentials using aws configure
- Verify aws configure from AWS CLI by running a simple commands
- Configuring AWS credentials using Named profile.
- Verify Named profile from AWS CLI by running a simple commands.
- Configuring AWS credentials using environment variable
Installing AWS CLI Version 2 on windows machine
- Download the installed for AWS CLI on windows machine from here
- Select I accept the terms and then click next button
- Do custom setup like location of installation and then click next button
- Now you are ready to install the AWS CLI 2
- Click finish and now verify the AWS cli
- Verify the AWS version by going to command prompt and type
Now AWS cli version 2 is successfully installed on windows machine.
Creating an IAM user in AWS account with programmatic access
There are two ways to connect to an AWS account, the first is providing a username and password on the AWS login page using browser and the other way is to configure Access key ID and secret keys of IAM user on your machine and then use command-line tools such as AWS CLI to connect programmatically.
For applications to connect from AWS CLI to AWS Service, you should already have Access key ID and secret keys with you that you will configure on your local machine to connect to AWS account.
Lets learn how to create a IAM user and Access key ID and secret keys !!
- Open your favorite web browser and navigate to the AWS Management Console and log in.
- While in the Console, click on the search bar at the top, search for ‘IAM’, and click on the IAM menu item.
- To Create a user click on
Users→ Add userand provide the name of the user
myuserand make sure to tick the Programmatic access checkbox in Access type which enables an access key ID and secret access key and then hit the Permissions button.
- Now select the “Attach existing policies directly” option in the set permissions and look for the “Administrator” policy using filter policies in the search box. This policy will allow
myuserto have full access to AWS services.
- Finally click on Create user.
- Now, the user is created successfully and you will see an option to download a .csv file. Download this file which contains IAM users i.e.
myuserAccess key ID and Secret access key which you will use later in the tutorial to connect to AWS service from your local machine.
Configure AWS credentials using aws configure
Now you IAM user with Access key ID and secret keys ,but AWS CLI cannot perform anything unless you configure
AWS credentials . Once you configure the credentials then AWS CLI allows you to connect to AWS account and execute commands.
- Configure AWS Credentials by running the
aws configurecommand on command prompt
- Enter the details such as
AWS Access key ID,
Secret Access Key,
region. You can skip the output format as default or text or json .
- Once AWS is configured successfully , verify by navigating to
C:\Users\YOUR_USER\.awsand see if two file
- Now open both the files and verify.
- Now, you’re AWS credentials are configured successfully using
Verify aws configure from AWS CLI by running a simple commands
Now, you can test if
AWS Access key ID ,
Secret Access Key ,
region you configured in AWS CLI is working fine by going to command prompt and running the following commands.
aws ec2 describe-instances
Configuring AWS credentials using Named profile.
A named profile is a collection of settings and credentials that you can apply to a AWS CLI command. When you specify a profile to run a command, the settings and credentials are used to run that command
Earlier you created one IAM user and configure AWS credentials using aws configure, lets learn how to store named profiles.
- Open credentials files which got created earlier using aws configure or create a file at
C:\Users\your_profile\.aws\credentialson your windows machine.
- Now , you can provide multiple
Access key IDand
Secret access keyinto the credentials file in the below format and save the file.
credentials files help you to set your profile. By this way, it helps you to create multiple profiles and avoid confusion while connecting to specific AWS accounts.
- Similarly, create another file
C:\Users\your_profile\.aws\configin the same directory
- Next, add the “region” into the config file and make sure to add the name of the profile which you provided in the credentials file, and save the file. This file allows you to work with a specific region.
~/.aws/credentials(Linux & Mac) or
~/.aws/config(Linux & Mac) or
Verify Named profile from AWS CLI by running a simple commands
Lets open command prompt and run the below command to verify
sandbox profile which you created earlier under two files ( %USERPROFILE%\.aws\credentials and USERPROFILE%\.aws\config)
aws ec2 describe-instances --profile sandbox
If you get a response shows you were able to configure Named profile succesfully.
Configuring AWS credentials using environment variable
Lets open command prompt and set the AWS secret key and access key using environmental variable. Using
set to set an environment variable changes the value used until the end of the current command prompt session, or until you set the variable to a different value
In this tutorial, you learned how to install AWS CLI and configured it using AWS Access key ID , Secret Access Key, region. Also you learned how to generate AWS Access key ID , Secret Access Key by creating an IAM user.