Managing your AWS account and resources using the AWS Console is good. But the point-and-click method isn’t the best option if you want to automate or script your way into AWS management.
You’ll need to use the AWS Command Line Interface (CLI) instead. AWS CLI works on Windows, Linux, and macOS. This post will show you how to install AWS CLI on supported platforms, configure its credential, and a simple how-to on using AWS CLI to interact with AWS services.
- You must have an Amazon Web Services account. Consider creating a new free-tier account if you don’t have one.
- A computer with a supported operating system. AWS supports the following platforms:
- Windows — any 64-bit version currently supported by Microsoft.
- Linux — any 64-bit and recent versions of CentOS, Fedora, Ubuntu, Amazon Linux 1, Amazon Linux 2, and Linux ARM.
- macOS — any 64-bit version currently supported by Apple.
Install AWS CLI on Windows
- Open PowerShell as administrator.
- Run the below command to execute the AWS CLI MSI installer:
msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi
- The AWS CLI installation wizard shows up. Click Next.
- Tick the I accept the terms in the License Agreement box and click Next.
- On the Custom Setup page, click Next.
- Now, click Install to install AWS CLI.
- Wait for the installation to complete.
- Lastly, click Finish.
- Close your current PowerShell session, open a new one, and run the below command to display the AWS CLI version:
Install AWS CLI on Linux
- Open a new terminal session on your Linux machine.
- On your terminal, run the following command to download the AWS CLI installer:
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
Important. The URL https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip points to the latest AWS CLI installer for Linux.
- Next, unzip the file to the current directory. This command unzips to the aws parent directory:
- After unzipping the file, execute the install AWS CLI shell script with the following command:
- AWS CLI installs to the /usr/local/aws-cli/ folder and creates a symbolic link to /usr/local/bin/. To verify, run this command:
ls -l /usr/local/bin/aws
- Finally, check the AWS CLI version:
As of this writing, the newest AWS CLI version for Linux is 2.8.7.
Note. Check our tutorial on how to enable Root login on Ubuntu.
Install AWS CLI on Mac
- Open a terminal window on your Mac.
- Run the following command to download the AWS CLI install file. The https://awscli.amazonaws.com/AWSCLIV2.pkg URL always points to the latest AWS CLI v2 package for macOS.
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
- Next, run the installer command to install AWS CLI for Mac. The -pkg parameter specifies the package file you downloaded (AWSCLIV2.pkg), and the -target parameter points to the drive where you’ll install the package.
sudo installer -pkg AWSCLIV2.pkg -target /
- Wait for the installation to complete.
- The AWS CLI files were installed to /usr/local/aws-cli with a symbolic link to /usr/local/bin. Run the following commands to verify that the AWS CLI location is in the $PATH environment variable:
As you can see below, the output confirms that the system can run the aws command from any directory.
- Lastly, check the AWS CLI version installed:
Configure AWS CLI
So you’ve installed AWS CLI on your computer, which gets you one foot in the door. But before you can use AWS CLI, the first requirement is to configure the credential it will use to authenticate to your AWS account.
Create an IAM User with Programmatic Access
You may skip this step if you already have an IAM user created with a key pair. If not, let’s create a new IAM user with programmatic access.
- Log in to the Identity Access Management (IAM) console.
- Click Users → Add users*.
- Next, enter the User name for the new IAM user. In this example, let’s name it s3_admin to indicate that you’re creating a user with admin access to Amazon S3.
Under the AWS access type, check the Access key – programmatic checkbox. This access type will produce a key pair (access key ID + secret access key), which you’ll later configure in the AWS CLI.
- Click on Next: Permissions.
- Click the Attach existing policies directly button, and type amazons3 in the search box to filter the policy names list.
Since we’re giving this new user full access to Amazon S3, tick the box next to AmazonS3FullAccess*. Click Next: Tags.
- Tags are optional, and let’s skip this part for now. Click Next: Review.
- Review the summary and click Create user to finish creating the new IAM user.
- Once the user is created, click the Download .csv button to download the new user’s key pair.
- Open the new_user_credential.csv file in your preferred editor to view the Access key ID and Secret access key.
In this example, the Password and Console login link are irrelevant since you did not enable the password login for this user.
Configure AWS CLI Credentials
Now that you have a key pair, let’s configure AWS CLI with that credential. Note that the AWS CLI commands are the same across different platforms. The succeeding examples will be demonstrated on a Fedora Workstation.
- On your computer, open a terminal or PowerShell session.
- Run the below command to initiate the default credential configuration:
- On the prompts, enter the AWS Access Key ID, AWS Secret Access Key, Default region name, and Default output format.
- AWS CLI stores the credentials in the ~/.aws/credentials file and the configuration in the ~/.aws/config file.
Using AWS CLI
So the AWS CLI credential has been set. What next? Let’s put AWS CLI in action by interacting with the Amazon S3 service.
If you want to familiarize yourself with the AWS CLI commands, refer to the AWS CLI Command Reference documentation.
Create an S3 Bucket
- First, let’s confirm if there are any existing S3 objects in your AWS account:
aws s3 ls
In this example, there’s none.
- Let’s create a new S3 bucket using the aws s3 mb command. The challenge here is the bucket name must be unique across the entire AWS environment. Let’s try to create a new bucket named s3://my-first-aws-s3-bucket, and find out if it is unique.
aws s3 mb s3://my-first-aws-s3-bucket
Case in point, this bucket name already exists, and the command failed.
- For better chances of uniqueness, you may try adding random numbers to the bucket name:
aws s3 mb s3://my-first-aws-s3-bucket156872
This time, the command was successful and created a new S3 bucket.
- Let’s confirm if we can list the S3 buckets:
aws s3 ls
Upload a File to S3
- Now, let’s use AWS CLI to upload a file to the new bucket you created. The command you’ll use is:
aws s3 cp <localfile> <s3bucketname>
- For example, let’s upload the awscliv2.zip to the s3://my-first-aws-s3-bucket156872 bucket:
aws s3 cp awscliv2.zip s3://my-first-aws-s3-bucket156872
- Wait for the upload to complete, and you should see a result similar to the one below.
- To list the files (blobs) in a bucket, run the command below:
aws s3 ls s3://my-first-aws-s3-bucket156872/
- As expected, the S3 has one file, which is the one we just uploaded.
- Now, let’s delete all files in the bucket and then delete the bucket itself:
aws s3 rm s3://my-first-aws-s3-bucket156872/ --recursive aws s3 rb s3://my-first-aws-s3-bucket156872/
AWS CLI is an excellent tool for AWS admins and developers alike. It opens opportunities for automation and tool-making to make your life working with AWS easier.
From here, you should explore AWS CLI further. Try it out by creating EC2 instances, Docker image repositories, and so much more.