AWS CLI is the command line tool to interact with cloud technologies deployed on AWS
Install AWS CLI as follows
pip3 install awscli --upgrade --user
If you are working with single cloud AWS account, then configuring AWS CLI is strait forward
$ aws configure
AWS Access Key ID [None]: ***
AWS Secret Access Key [None]: ***
Default region name [None]: us-west-2
Default output format [None]: json
Above command will take interactively required information such as Access Key and Secret Key including default region. Above command create two configuration files such as “credentials” and “config” their default location is ~/.aws/credentials and ~/.aws/config respectively
If you are working with multiple AWS accounts or multiple IAM users, you can configure AWS profiles. Configure AWS with –profile option interactively as follows
aws configure --profile user1
AWS Access Key ID [None]: AK***T4FX
AWS Secret Access Key [None]: q**X
Default region name [None]: ap-southeast-2
Default output format [None]: json
Using the “–profile” option creates the configuration with section “user1” as follows
Where ~/.aws/config. file would contain
[default]
region=us-west-2
output=json
[profile user1]
region = ap-southeast-2
output = json
And ~/.aws/credentials file would contain
[default]
aws_access_key_id=***
aws_secret_access_key=***
[user1]
aws_access_key_id = ***
aws_secret_access_key = ***
To select the appropriate profile set the environment variable AWS_PROFILE
#Linux or macOS
$ export AWS_PROFILE=user1
On Windows
C:\> setx AWS_PROFILE user1
Or, you can set the profile using command line option –profile of aws cli command as follows
$ aws ec2 describe-instances --profile user1
AWS Configuration precedence is as follows
- Command line options where you can specify
--region
,--output
, and--profile
as parameters on the command line. - Environment variables
- Credentials file such as ~/.aws/config and ~/.aws/credentials
- Container Credentials: Where you can associate IAM role with Amazon container service (Amazon ECS)
- Amazon EC2 instance profile credentials: It is possible to associate an IAM role with each of your Amazon Elastic Compute Cloud (Amazon EC2) instances.
Leave a Reply