AWS - Install and Setup Command Line Interface

Overview

Amazon Web Services offer a large number of cloud based services and tools. There are a few different ways that we can interact with these services. These options include a web browser interface (https://aws.amazon.com/) and SDKs (Software Development Kits) for most major programming language. This article focuses on using the AWS-CLI (Amazon Web Services Command Line Interface.)  As the name suggest, the AWS-CLI allows us to interface using a system command line application. We will cover installation and setup so that we can connect to an existing AWS account and begin interacting with Amazon Web Services through the command line.

Prerequisites

Before we can begin there are a few things you will need to have:

1. An AWS account
2. Familiarity with a system command line application(e.g. terminal, iTerm)
3. For the Homebrew installation, you will need Homebrew installed (https://brew.sh/.)

Installing AWS-CLI

There are 2 versions of AWS-CLI as of the writing of this article. AWS-CLI version 2 is the latest release and this will be the version we use. Lets look at 2 methods for installing AWS-CLI

Note that this article is running AWS-CLI on Mac OSX Catalina. Follow these links for other system installations:

• Linux - https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html
• Windows - https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html

Homebrew Installation

Homebrew is a fantastic little package manager that makes life much easier when it comes to installing and maintaing applications on OSX.

1. We simply use the install command of brew to tell Homebrew that we want to install awscli.
   $ brew install awscli

MacOS Installation

We can manualling download and install using the command line directly.

curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /

1. Using the curl command will retrieve the install package and will be saved to the local drive using the file name set by the -o option.

2. Next, installer will install the downloaded pkg file, specified by the -pkg option. -target / option will install the package in the proper directory

Confirm Installation

We can quickly confirm everything was installed properly by running the following commands and confirming the following output

$ which aws
/usr/local/bin/aws 
$ aws --version
aws-cli/2.0.0 Python/3.8.1 Darwin/19.3.0 botocore/2.0.0dev4

Note: Your version of Python may be different depending on what is installed on you dev environment

Configuration

Now that we have the AWS command line tool installed we will need to configure it with our AWS account information. This will allow us to connect to our AWS account and gain access to services.

This will happen in 2 parts

1. Using Amazon's IAM service to create an access key pair to grant aws-cli access to the AWS account
2. Using the access key pair to configure aws-cli

Part 1 - Access Keys

In this section we will go through the steps for creating and downloading access credentials that will be used in Part 2 to complete the confuguration of AWS-CLI and gain access to the AWS account.

In order for you complete is section you will need to have created an AWS account (https://aws.amazon.com/)

Note: It is recommended that you use another account other than your root account. Such as creating another account with Admin privaleges will work well with this tutorial.

1. Sign in and Navigate to IAM services section of the aws.amazon.com (https://console.aws.amazon.com/iam/)
2. Locate the left-side menu and click on the users link under Access Management
3. You will see a list of users in the main window. Click on the user that will be used by aws-cli to log in.
4. This will take you to a summary page, where you will find a tab labeled Security credentials. Click this tab.
5. Under the section labled Access keys, click the Create access key button. This will open a new dialog box with the newly created access key.

At this point you can choose to download a csv file of the credential. Otherwise, you can copy and paste the Access key ID and Secret access key somewhere for use later.

Warning: You will not have access to the secret key after you close this dialog box.

Warning: Keep you access keys confidential. Sharing this information is like sharing your account. Proceed with caution.

Part 2 - awscli config

Now that we have the access key needed to configure awscli, we can return to the command line. The aws configure command is the fastest way to initially configure AWS-CLI

$ aws configure
AWS Access Key ID [None]: enter-your-access-key-id-here
AWS Secret Access Key [None]: enter-your-secret-access-key-here
Default region name [None]: us-west-2
Default output format [None]: json

AWS Access Key ID - the key ID value from the access key that was created in Part 1 - Access Keys

AWS Secret Access Key - the secret access key that was created in Part 1 - Access Keys

Default region name - the default region that the AWS-CLI will choose unless otherwise specified. Here I am using the value of us-west-2, but you can use any available region.

Default output format - This will tell AWSCLI how we want the output to be displayed to us in the command line. There are 4 possible output formats:

• json
• yaml
• text
• table

Once this is complete, AWS-CLI saves this configuration in a profile named default. These are the values AWS-CLI will use if no other values are explicitly defined. AWS-CLI will create a .aws folder in the user's home directory, as well as, create two text files inside the .aws folder.

1. .aws/credentials holds the profile access key ID and secret access key
2. .aws/config holds the profile default region name and output format

Note: You can always update/change these values by running aws configure again

Confirm Configuration

To check if everything is working properly we run a simple command against AWS S3, amazons storage service.

First, if you don't have any S3 buckets available, you will need to quickly create one (https://s3.console.aws.amazon.com/s3/).

Then, use aws s3 ls to list all the buckets that we have access to.

❯ aws s3 ls
2019-07-04 16:34:50 cloudtrail-logs
2020-01-14 15:18:54 cf-templates
2019-07-04 17:00:49 config-bucket
2020-01-15 15:08:13 query-results-bucket

Above is an example of a list of storage buckets that reside in this users S3 account. Depending on the S3 buckets you have created your list will look different

Conclusion

If you have made it this far, congratulations. You are now able to begin interacting with your AWS services through the command line interface.

We did this by downloading and installing the AWS-CLI application. We then created an access key using IAM through the web browser. We configured AWS-CLI using aws configure and the credintials from the access key to quickly configure and initialize AWS-CLI. Finally, using aws s3 ls command to list all S3 buckets available to verify that the profile configurations are complete.

In the next few articles we will look at interacting with individual services to manage service features