2020-05-29
|~3 min read
|492 words
Before we can configure the AWS CLI, we need to gather a few pieces of information first:
If you do not have these, you can generate them by going to the Identity and Access Management (IAM) service in your AWS Console.
Users
in the menu.Security credentials
and then under Access keys select “Create access key”.This is the only time you’ll be able to view the Secret Access Key ID
so be sure to write it down or download the CSV.
Now that we have these IDs, we’re ready to proceed.
If you only have one user that you need to configure, you can use the default process:
$ aws configure
AWS Access Key ID [None]: <Your Access Key ID>
AWS Secret Access Key [None]: <Your Secret Access Key ID>
Default region name [None]: us-west-2
Default output format [None]: json
This will store the settings in the default profile which is used every time an AWS CLI command is run unless otherwise specified.
aws configure
can take three different options:
--region
- referencing the AWS region to send data to. It defaults to the closest, however can be specified, e.g., us-east-1
.--output
- specifies the format of the output. Options are json
, yaml
, text
, and table
.--profile
- adds a named profile to the AWS CLI configuration.Imagine we have two users we need to switch between on a single machine (maybe they’re in different regions): user1
and user2
We can configure them with the following:
aws configure --profile user1 --region us-east-1 --output json
aws configure --profile user2 --region us-west-2 --output json
(Not shown is adding the Access and Secret Access Key IDs.)
Now, when we need to run an AWS CLI command, we can do so like:
aws s3 ls
to use the default user or with a specified profile like:
aws s3 ls --profile user1
aws s3 ls --profile user2
Alternatively, we can set the session to a specific profile. By default, the profile is set to default
, but we can change that to be one of users.
aws s3 ls # will use the default profile
export AWS_PROFILE=user1
aws s3 ls # will use the user1 profile
aws s3 ls --profiles user2 # will use the user2 profile
On a Mac, configuration for the AWS CLI is stored in the root directory by default.
You can review your configuration and credentials in the directory ~/.aws
:
% cd ~/.aws
% less config
[default]
output = json
[profile user1]
region = us-east-1
output = json
[profile user2]
region = us-west-1
output = json
Hi there and thanks for reading! My name's Stephen. I live in Chicago with my wife, Kate, and dog, Finn. Want more? See about and get in touch!