Introduction to AWS Command-Line-Interface (CLI)
By: +David Herron; Date: April 7, 2018
Tags: Amazon Web Services
AWS CLI is a pip package, and you must already have Python and pip installed.
Installing pip if needed
You may already have it installed, which can be checked as so:
If this fails you need to install it. If you have Python installed, you may be able to bootstrap pip install this way:
$ python -m ensurepip --default-pip
If that still fails, download https://bootstrap.pypa.io/get-pip.py and execute
$ python get-pip.py
Installing AWS CLI
For the installation overview, see: https://docs.aws.amazon.com/cli/latest/userguide/installing.html
$ pip install awscli --upgrade --user
--upgrade option tells pip to upgrade any requirements that are already installed. The
--user option tells pip to install the program to a subdirectory of your user directory to avoid modifying libraries used by your operating system.
OS specific instructions are at:
- Linux: https://docs.aws.amazon.com/cli/latest/userguide/awscli-install-linux.html
- macOS: https://docs.aws.amazon.com/cli/latest/userguide/cli-install-macos.html
- Windows: https://docs.aws.amazon.com/cli/latest/userguide/awscli-install-windows.html
Configuring credentials so AWS CLI can access your AWS account
Accessing your AWS account with the CLI tool requires getting IAM credentials. You then put those credentials in a hidden file in your home directory.
- In the left-hand pane, click on Users, then Add User
- Enter a login name, and other settings for this user, when done click on Next: Permissions
- We’re going to add this user to a Group, so click on Add User to Group and then Create Group
- Enter a group name. Then using the filtering dropdown, filter the policies by Job Function and select Administrator Access. Click on Create Group.
- The new group will be shown in a list of groups. Click on Next: Review
- Look over the settings, and if you agree click on Create User
After that the IAM console will give you a URL like https://aws_account_number.signin.aws.amazon.com/console/ with which to sign in. Log out of the AWS console, then log-in using this new URL and user name and password you just setup.
Another important task in the IAM console is to set up access keys to the IAM user. Access keys are used for authentication, with the AWS Command-Line tool and other services. While viewing the summary page for an IAM user, click on the Security Credentials tab. On this page is a section labeled Access Keys and a button marked Create Access Key. Click on the button, and a pair of keys will be generated. You must record the keys in a safe place, and this is the only time AWS will ever in, the history of this or any other universe, show you those keys.