Introduction
You might be using AWS Web Console for managing your infrastructure. However, AWS Web Console is really ideal for once in a while kind of tasks. As you get more serious about building your AWS footprint, you’ll need to automate.
Meet AWS CLI, that makes it relatively easy to launch any AWS action from command line on your own PC. this makes managing and repeating your admin tasks easy.
In this post, we’ll start by installation the AWS CLI. We’ll learn how to configure it and also how to manage if you have multiple AWS accounts.
In upcoming posts in this series, we’ll learn how to squeeze every ounce or milligram of administration goodness out of AWS resources using the CLI.
Installing AWS CLI
Based on your OS, you can install AWS CLI easily following steps mentioned on official website on this link. I am using windows, so I used MSI Installer provided by AWS and once installed you can verify the installation by executing following command (PowerShell):
aws --version
Following is output shown after executing command:
In cloud, AWS CLI is pre-installed on AWS managed images.
Creating an IAM Admin User
To connect AWS CLI and perform various tasks, we need first to create an IAM admin user then use its access-key in AWS CLI configuration that’s how CLI would be able to perform tasks on behalf of that user.
Use AWS Web Console to create an admin user, attached existing security policy “Administrator Access”, enable programmatic access option and download access-key and secret. Steps are shown below:
Add User:
Attach existing policy (Administrator Access):
Download CSV
Configure AWS CLI
With our IAM Admin user created, next step, we will configure AWS CLI.
Open a PowerShell window and execute following command:
aws configure
It will prompt you for Access-Key, Secret information which you will get from downloaded CSV file of Admin User. Select a default region and output format as shown below:
Let’s test if the CLI is connected to admin user account and can perform some tasks. We’ll execute following command which will show all S3 buckets in this account.
aws s3 ls
and here is the output of the command execution:
and now if we check on web console, we will see that we have exactly same buckets there:
Configure Named Profiles for the AWS CLI
If you may have requirement to run more than one AWS account, you can manage it using the Profile option.
AWS Keeps config files in a direction (in home) called .aws. Here is the directory view:
- config: This file contains your format, region preferences etc.
- credentials: This file holds your access id & key itself.
Following shows content of the config file:
Here are the contents of the credentials file (I have three different AWS accounts configured):
You can use the profile command to add one or more additional account profiles.
aws configure --profile aws-japan
Here is how you can execute commands on different accounts:
aws s3 ls //(executes for default account)
aws --profile aws-japan s3 ls (using different account)
Summary
In this post, we started with basic introduction of AWS CLI, which helps speed up infrastructure administration tasks with ease. We learned how to install AWS CLI and configure it and how can we manage multiple AWS accounts using named profiles.
We will resume our journey and explore the power of AWS CLI in upcoming posts. Let me know if you have some questions or comments. Till next time, happy coding.
My Recent Books
Discover more from Hex Quote
Subscribe to get the latest posts sent to your email.
3 thoughts on “AWS CLI – Basics”
Comments are closed.