Ubuntu - Getting Started With The AWS CLI
Related Posts
Installation
In order to use the AWS CLI, one has to install it first. Pick one of the methods below:
From AWS (ZIP)
Unfortunately, the AWS team do not intend to publish v2 of the AWS CLI to PIP so this is the best option for getting v2 for now.
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \
&& unzip awscliv2.zip \
&& sudo ./aws/install
AWS CLI v1 From PIP
Install PIP if you havent already.
sudo pip3 install awscli
Setting Credentials
In order for the AWS CLI commands to work, it needs to know what credentials to use.
Running AWS Configure
The easiest way to configure your credentials is to run the following command:
aws configure
Then just answer the questions, and this will automatically create the credentials file for you.
json, table, or text. Personally, I use json.
Programmatically Configuring Credentials
If you need to set the credentials programmatically, you can do this like so:
aws configure set aws_access_key_id $MY_AWS_KEY_ID
aws configure set aws_secret_access_key $MY_AWS_KEY_SECRET
Alternatively, one can use environment variables like so:
export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
export AWS_DEFAULT_REGION=eu-west-2
Manual Credentials File Creation
If you don't want to run aws configure, or you just like to know how to do things manually, then you can just manually create the credentials file like so:
mkdir $HOME/.aws
vim $HOME/.aws/config
Then just fill it with your credentials, and the default region to operate in, like so:
[default]
aws_access_key_id = AKIAXXXXXXXXXXXXXXXX
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region = eu-west-2
Make sure to prevent file access from other users on the same machine.
chmod 600 $HOME/.aws/config
Alternative Location
If you don't like having the credentials file at the default location of $HOME/.aws/config, then you can set a different file location by setting the AWS_CONFIG_FILE environment variable.
E.g.
export AWS_CONFIG_FILE="/my/new/path/to/.aws/config"
Different Profiles
If you manage multiple accounts, or just need to use multiple IAM credentials for whatever reason, then you will benefit from setting multiple "profiles".
This can be done by simply setting the credentials underneath the profile name in [] brackets. E.g.
[default]
aws_access_key_id = AKIAXXXXXXXXXXXXXXXX
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region = eu-west-2
output=json
[profile2]
aws_access_key_id = AKIAXXXXXXXXXXXXXXXX
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region = eu-west-1
output=json
[myOtherProfile]
aws_access_key_id = AKIAXXXXXXXXXXXXXXXX
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region = eu-west-2
output=json
Then all one needs to do is manually specify the profile in their commands using the --profile flag like so:
aws s3 \
--profile=profile2 \
cp --recursive \
s3://my-bucket \
s3://my-second-bucket
Testing
You can test it's working with a simple command t fetch the regions from AWS:
aws ec2 describe-regions
You can send an email like so:
aws ses send-email \
--text="this is a test" \
--reply-to-addresses="admin@my.domain.com" \
--from="admin@my.domain.com" \
--to="to@gmail.com" \
--subject="test"
Get Canonical ID
If you ever need your canonical ID, just run the following:
aws s3api list-buckets | grep ID
References
- GitHub - aws/aws-cli - Unable to locate credentials
- Installing aws-cli, the New AWS Command Line Tool
- Stack Overflow - Move files directly from one S3 account to another?
- Server Fault - How can I get the size of an Amazon S3 bucket?
- AWS Docs - Named profiles
First published: 4th May 2020