AWS CLI: Difference between revisions
| Line 44: | Line 44: | ||
A collection of settings related to a certain account (access key, secret key, the default region and the default output format) are called a profile. By default, AWS CLI uses the "default" profile. Additional profiles can be created, named and stored, then later used for AWS CLI operations. | A collection of settings related to a certain account (access key, secret key, the default region and the default output format) are called a profile. By default, AWS CLI uses the "default" profile. Additional profiles can be created, named and stored, then later used for AWS CLI operations. | ||
Also, individual AWS CLI commands can be executed within the context of a specific profile using the --profile option: | |||
<syntaxhighlight lang='bash'> | |||
aws s3 ls --profile blue | |||
</syntaxhighlight> | |||
===Configuration Profile Operations=== | ===Configuration Profile Operations=== | ||
Revision as of 23:16, 7 August 2020
External
- https://aws.amazon.com/cli/
- https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html
- https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html
Internal
Overview
AWS CLI is a package that provides commands for interacting with the AWS services. All functionality available on the web Amazon Management Console is made available from command line.
Installation
This article documents installation of AWS CLI v2.
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /
Even it looks odd, "-target /" will install AWS CLI in /usr/local/aws-cli.
Verification:
aws --version aws-cli/2.0.35 Python/3.7.4 Darwin/18.7.0 botocore/2.0.0dev39
Uninstall AWS CLI Version 1
sudo rm -rf /usr/local/aws
sudo rm /usr/local/bin/aws
Configuration
Configuration Profile
A collection of settings related to a certain account (access key, secret key, the default region and the default output format) are called a profile. By default, AWS CLI uses the "default" profile. Additional profiles can be created, named and stored, then later used for AWS CLI operations.
Also, individual AWS CLI commands can be executed within the context of a specific profile using the --profile option:
aws s3 ls --profile blue
Configuration Profile Operations
List Available Profiles
aws configure list-profiles
List the Configuration for a Specific Profiles
Default profile:
aws configure list
Specific named profile:
aws configure list --profile blue
- Select a specific profile
- Add a new profile
- Remove a profile
The initial configuration procedure creates a profile named "default". Additional named profiles can be created, and then referred from command line with --profile.
Profiles can be created with:
aws configure set
Configuration Procedure
Once installed, AWS CLI can be configured by running:
aws configure
It will interactively inquire for AWS Access Key ID, etc.
Configuration Files
AWS CLI organizes configuration and credentials in two separate files placed in $USER/.aws. They are separated to isolate credentials for less sensitive options of region and output.
~/.aws/config
AWS CLI configuration file is maintained by default in ~/.aws/config:
[default]
region = us-west-2
ca_bundle = /path/to/ca-bundle.pem
output=json
[profile testing]
region = us-west-1
[profile testing2]
region = eu-west-1
[preview]
cloudsearch = true
~/.aws/credentials
AWS CLI credentials are maintained by default in ~/.aws/credentials:
[default]
aws_access_key_id=...
aws_secret_access_key=...
Selecting a Profile
A previously-configured profile can be selected by setting the "AWS_PROFILE" environment variable:
export AWS_PROFILE=jenkins
Test Installation
aws ec2 describe-regions
aws ec2 describe-hosts
Credential Providers
TODO
Define the relationship between the AWS CLI and EC2 CLI