AWS CLI
External
- https://aws.amazon.com/cli/
- https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html
- https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html
Internal
Overview
AWS CLI is a package that provides commands for interacting with the AWS services. All functionality available on the web Amazon Management Console is made available from command line.
Installation
Mac
This section documents installation of AWS CLI v2.
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /
Even it looks odd, "-target /" will install AWS CLI in /usr/local/aws-cli.
Linux
Test Installation
Verify the installation executing:
aws --version
aws-cli/2.0.35 Python/3.7.4 Darwin/18.7.0 botocore/2.0.0dev39
aws ec2 describe-regions
aws ec2 describe-hosts
Uninstall AWS CLI Version 1
sudo rm -rf /usr/local/aws
sudo rm /usr/local/bin/aws
Configuration
Configuration Profile
A collection of settings related to a certain account (access key, secret key, the default region and the default output format) are called a profile. The initial configuration procedure creates a profile named "default", and this is what AWS CLI uses by default. Additional named profiles can be created and stored, and then referred from command line with --profile, or configured in the environment to be used instead "default". The configuration information associated with profiles is stores in a series of local files. More details in the Configuration Files section.
Individual AWS CLI commands can be executed within the context of a specific profile using the --profile option:
aws s3 ls --profile blue
Configuration Profile Operations
List Available Profiles
aws configure list-profiles
List the Configuration for a Specific Profiles
Default profile:
aws configure list
Specific named profile:
aws configure list --profile blue
Permanently Select a Profile
A previously-configured profile can be selected by setting the "AWS_PROFILE" environment variable:
export AWS_PROFILE=jenkins
Add a New Profile
aws configure --profile green
AWS Access Key ID [None]: AKIAXXXXXXXXXXXXXXXX
AWS Secret Access Key [None]: yxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Default region name [None]: us-west-2
Default output format [None]:
If --profile <profile-name> is omitted, the default profile will be configured.
Change a Specific Configuration Element for a Profile
aws configure set region us-west-2 --profile <some-profile>
Alternative syntax:
aws configure set <some-profile>.region us-west-2
Change the Name of an Existing Profile
Manually change the name of the profile in ~/.aws/config and ~/.aws/credentials
Configuration Files
AWS CLI organizes configuration and credentials in two separate files placed in $USER/.aws. They are separated to isolate credentials for less sensitive options of region and output.
~/.aws/config
AWS CLI configuration file is maintained by default in ~/.aws/config:
[default]
region = us-west-2
ca_bundle = /path/to/ca-bundle.pem
output=json
[profile testing]
region = us-west-1
[profile testing2]
region = eu-west-1
[preview]
cloudsearch = true
~/.aws/credentials
AWS CLI credentials are maintained by default in ~/.aws/credentials:
[default]
aws_access_key_id=...
aws_secret_access_key=...