How to configure AWS CLI

AWS CLI is the command line tool to interact with cloud technologies deployed on AWS

Install AWS CLI as follows

pip3 install awscli --upgrade --user

If you are working with single cloud AWS account, then configuring AWS CLI is strait forward

$ aws configure
AWS Access Key ID [None]: ***
AWS Secret Access Key [None]: ***
Default region name [None]: us-west-2
Default output format [None]: json

Above command will take interactively required information such as Access Key and Secret Key including default region. Above command create two configuration files such as “credentials” and “config” their default location is ~/.aws/credentials and ~/.aws/config respectively

If you are working with multiple AWS accounts or multiple IAM users, you can configure AWS profiles. Configure AWS with –profile option interactively as follows

aws configure --profile user1                                                                                                                                                                     
AWS Access Key ID [None]: AK***T4FX                                                                                                                                                                                             
AWS Secret Access Key [None]: q**X                                                                                                                                                                     
Default region name [None]: ap-southeast-2                                                                                                                                                                                                 
Default output format [None]: json                                   

Using the “–profile” option creates the configuration with section “user1” as follows

Where ~/.aws/config. file would contain

[default]
region=us-west-2
output=json

[profile user1]
region = ap-southeast-2
output = json

And ~/.aws/credentials file would contain

[default]
aws_access_key_id=***
aws_secret_access_key=***

[user1]
aws_access_key_id = ***
aws_secret_access_key = ***

To select the appropriate profile set the environment variable AWS_PROFILE

#Linux or macOS

$ export AWS_PROFILE=user1

On Windows

C:\> setx AWS_PROFILE user1

Or, you can set the profile using command line option –profile of aws cli command as follows

$ aws ec2 describe-instances --profile user1

AWS Configuration precedence is as follows

  1. Command line options where you can specify --region--output, and --profile as parameters on the command line.
  2. Environment variables
  3. Credentials file such as ~/.aws/config and ~/.aws/credentials
  4. Container Credentials: Where you can associate IAM role with Amazon container service (Amazon ECS)
  5. Amazon EC2 instance profile credentials: It is possible to associate an IAM role with each of your Amazon Elastic Compute Cloud (Amazon EC2) instances.
Default image
neotam
Naveen T aka neotam. Programming language agnostic, Software architect, Python expert, Networking & DevOps engineer & consultant with 7+ years of experience in creating serious web applications, real time event-driven non blocking applications and database driven applications ranging from small scale to enterprise grade. website
Leave a Reply