Posted on Sun 19 April 2020
aws cli macosWhile you can do all the things you need in AWS using the console, the AWS CLI offers a convenient way to control your environment from the terminal as well as to create simple or complex automations through scripts.
The first thing that you will need to be able to issue commands is a set of security credentials, that is an Access Key ID and a Secret Access Key. You can do that by using the AWS console.
Once you clicked on Create user, you will be given the option to download a .csv file with the credentials or you can copy them from this screen for later use and maybe keep them in a password manager. Please keep in mind that this will be the one and only time you will see the Secret access key in the console, so make sure you save it somewhere safe.
The easiest way to install the CLI on a Mac is by using Homebrew. If you don't have it installed already you can do so by following the instructions on their website, which say that you need to paste this following command in your terminal.
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
Once you have Homebrew installed, simply issue the following command in your terminal to install the AWS CLI.
brew install awscli
This will install awscli version 2 at the time of writing this article.
Now you need to tell the CLI what credentials to use to it can access your AWS account.
aws configure
Now you can issue commands. For example to see a list of all your s3 buckets you would type:
aws s3 ls
To get general help from the CLI:
aws help
To get help for a specific command, so you know how to use it, issue the command followed by help. For example, to get help on using the CLI with S3:
aws s3 help
When you configured your credentials above, this created a folder in your home directory called .aws as well as 2 files in that folder, credentials and config. These files can be used to configure additional profiles, either for different users in the same account, with different permissions, or as I use them, for different AWS accounts.
Let's say you want to add another user profile. You would first edit the credentials file.
vim ~/.aws/credentials
Under your default account you add the following lines, replacing the username and the credentials with yours.
[username]
aws_access_key_id=<your_access_key_id>
aws_secret_access_key=<your_secret_access_key>
Next edit the config file.
vim ~/.aws/config
Add your new profile information under the existing one, making sure the username matches the one in your credentials file.
[profile username]
region=us-east-1
output=json
Finally, you can use your new profile by issuing the following command in the terminal.
export AWS_PROFILE=username
From this point, every aws command will use this profile's credentials.
To read more about the AWS CLI and all the options you can visit this link.
Tech used
Website is powered by Pelican, which takes great advantage of Python. Icon from icons8. Template was built using Tailwindcss.