Configuring AWS-CLI
The AWS Command Line Interface (AWS CLI) is an open-source tool that enable users to interact with AWS services using commands in the command-line shell. The AWS CLI can be used for managing AWS services from a terminal session locally, allowing users to control and script multiple AWS services.
To put it simple, AWS CLI allows users to manage their AWS resources right from their terminal without going through the as-per-some time consuming Graphical User Interface (GUI) in the browser.
Installing AWS CLI
Installing aws cli is the easiest part. You can find the instructions on installation for your desired OS on the official docs here.
Generating Access Key
After successful installation of aws cli, you need to configure the aws on local system so that you can connect to your AWS account. For that you need to create a user in AWS IAM service & generate Access Key & Secret. Here is how to do that:
- Sign in to the AWS Management Console.
- Open the IAM (Identity and Access Management) service.
- In the left navigation pane, click on “Users”.
- Select your IAM user or create a new one if needed.
- If you create new user, set the name of user & attach required policies like AdminAccess & AmazonEC2FullAccess
- In the “Security credentials” tab, you should see an “Access keys” section.
- Click on “Create access key” if you don’t have one already.
- A new access key will be generated. Make sure to copy the Access Key ID and Secret Access Key values or download the CSV file containing them.
Note: The Secret Access Key is only displayed once, so make sure to save it securely. If you lose it, you will need to generate a new access key.
Configuring
Now that you got the credentials to connect to AWS account, launch your terminal and run:
aws configure
The command will prompt you to fill four parameters:
- AWS Access Key ID
- AWS Secret
- Default region name
- Default output format
Copy & paste the first two values from the previously noted or downloaded CSV file containing access credentials.
For Default region name, in your AWS account head on to top right corner and click on Global drop down button and note the region ID of your nearest or any desired region and paste in the terminal. Set default format to json or leave it empty.
Now to verify the successful authorization run the following command in your terminal and it should return the json object in the stated format.
$ aws sts get-caller-identity
{
"UserId": "AIDB6Q5ISO33GNHVF73G",
"Account": "998234943209",
"Arn": "arn:aws:iam::998234943209:user/demouser"
}
(END)
Location of credentials
By default aws cli stores the credentials into a directory located in your home directory i.e $HOME/.aws/
. For example in my case:
$ ls ~/.aws/
total 16
-rw-------@ 1 wired staff 44 Oct 26 21:32 config
-rw-------@ 1 wired staff 116 Oct 26 21:32 credentials
That is all for today. If you found this post useful consider sharing it with friends & subscribe for regular posts using RSS or Telegram.
Reply via mail