Amazon Web Services (AWS) is by far, one of, if not the best cloud computing service in the market, covering over 32% of the cloud infrastructure space.
Most times, AWS services are accessed and utilised through its web console. But a common drawback with using this method is the repetition of tasks.
Fortunately, AWS provides a Command Line Interface (CLI) to manage your AWS services via the command line. With this CLI, you can use multiple AWS services from the terminal and automate them through scripts.
This tutorial would help guide you on how to install and configure the AWS CLI on your computer. We'd be:
- Creating an IAM user responsible for the CLI
- Creating an access key for the created user
- Installing the CLI on our computer
- Configuring the CLI, and
- Testing the CLI using Amazon S3
To make use of the AWS CLI, you need to have;
- an AWS account.
- IAM (Identity and Access Management) credentials, and
- an IAM access key.
It is also recommended you do not use your root account credentials. Instead, you should create an IAM user that would provide the necessary permissions/services the CLI would need.
1. Creating an IAM User
Services in AWS require a user’s credentials so it could check if that user has the necessary permissions to access the resources the service would require. It is recommended that you create a user with administrative privileges and then use it to manage the CLI, instead of using your root account. It is also recommended that your interactions made with services available on the platform should be through created users, and not the root account.
In this tutorial, we’d create an IAM user called “AdminUser” and a user group called “Administrators” that would have administrative privileges.
1. Sign in to your AWS account as the root user.
2. Enable access to your account's billing info for the IAM user. To do this;
i. Select My Account.
iii. Scroll to the “IAM User and Role Access to Billing Information” section and click the Edit option next to it.
iv. Select the “Activate IAM Access” checkbox and choose Update.
3. Creating the user.
i. Head to the search box in the navigation bar, search for “IAM” and select it.
ii. Select Users on the sidebar and then click on the “Add Users” button.
iii. Input “AdminUser” as the username and under the “Select AWS access type” section, select the “AWS Management Console access” checkbox.
iv. For the console password, select the “Custom password” option to set a password of your choice.
v. If you want to set a new password while signing to the newly created user for the first time, select the “Require password reset” checkbox.
vi. Select the “Next: Permissions” button to proceed.
4. And now, let's create the user group. In the Permissions page;
i. Choose “Add User to group” and select the “Create group” button.
For the group name, type “Administrators”.
Select the checkbox for the “AdministratorAccess” policy and select the “Create group” button. Select the “Next: Tags” button to proceed.
The Tags page isn’t required to fill but is important when performing advanced operations. You can use it to add important metadata to the user you’re creating in a key-value pair format.
Select the “Next: Review” button to proceed. Verify that the settings displayed are correct. If all looks good, proceed to select the “Create user” button.
The success page is then displayed, and you can download your login information for that user in a .csv format, or email the login instructions instead.
2. Creating an Access Key
Access keys in AWS consist of an access key ID and a secret access key. These are used to perform programmatic requests to the AWS platform.
In the next step of this tutorial, we’d be creating access keys for the “AdminUser” we created;
You can only view your secret access key once and it can’t be recovered later. But you can generate new access keys anytime. Make sure you save your secret access key in a safe place upon successful creation.
Still, in the IAM console, select Users at the sidebar and choose the user whose access key you want to create. In our case, it is the “AdminUser“
Head over to the “Security credentials” tab, and in the “Access keys” section, click on the “Create access key” button.
This would trigger a dialogue box that displays your access key ID and secret access key. Copy the contents of the access key ID and secret key in a safe place. You can also select the “Download .csv file” button to get it in a .csv format for later reference.
After downloading/saving your access keys, click the “Close” button. Your access keys are now active.
3. Installing the CLI
The AWS CLI is available for the Linux, macOS and Windows platforms. This part of the tutorial covers steps on how to install them for your desired platform.
a. For Linux Users
The AWS CLI is available on the recent versions of the following distros;
- CentOS, and
- Linux ARM
To install on Linux, you can either use curl to download the CLI and unzip it immediately through the following command;
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
or download it and unzip/extract it yourself. I recommend you use the curl option to download and extract it with ease. Once the package has been unzipped using the curl option, you can immediately initiate the installation using the following command;
sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
To confirm if it’s installed, run;
b. For macOS Users
The AWS CLI can be installed on the Mac operating system either through a GUI installer or the command line. We'd be taking the GUI route to make things easier. To install via the GUI installer:
i. Download the pkg file from the following URL:
ii. As soon as the download is complete, open the pkg file and follow the instructions to complete its installation.
iii. Once the installation is complete, run the following commands to know if it’s installed to your $PATH variable;
to check the CLI’s version.
c. For Windows Users
To install the AWS CLI on the Windows platform, it must be a 64-bit version of Windows XP and above, and you need to have administrative privileges on that computer.
i. Download the msi installer from the following URL:
ii. As soon as the download is complete, run the msi installer and follow the instructions provided to proceed.
iii. Once the installation is complete, open the Command Prompt window by searching for cmd or Win key + R and type in cmd. Then run the following command to check its version:
4. Configuring the CLI
Now that the AWS CLI has been installed on our machine, the next step involves configuring some settings the CLI would need to properly communicate with AWS. Configuring these settings is done using the aws configure command which prompts you for the following information;
- Access key ID
- Secret access key
- AWS region, and
- Output format
Your access key ID and secret access key have been previously generated in step #2 of this tutorial. Copy and paste them when prompted for them.
Alternatively, instead of copying and pasting the credentials into the terminal, you can directly import them from the .csv we downloaded after generating the keys in step #2. We can achieve this using the following command;
aws configure import --csv <insert the csv file’s location here>
The next prompt is for the AWS region, which is a collection of AWS resources in a geographic area. This implies the region you want to send your requests to by default. It can be any region, but it’s recommended that you select the one closest to you. For example, to use the North Virginia region, you type in us-east-1.
The output format defines how the responses in the CLI are formatted. The value can either be;
If you don’t specify an output format, JSON would be selected by default.
Now that you’re done, run the following command:
aws configure list
This would display the settings you’ve specified, their values, and where the configurations are stored.
5. Testing the CLI With Amazon S3
Congratulations on getting to the last section of this tutorial. We’ve successfully created an IAM user, generated access keys for that user, installed the CLI on our Operating System, and configured it to communicate with AWS.
Now, we’d test if our CLI is working correctly by performing some AWS operations with it. We’d be using Amazon S3 to do just that.
Amazon S3 stands for Simple Storage Service and is used to not just store data, but protect it by specifying access controls on the stored data to meet specific technical requirements. It offers features like storage management, monitoring, analytics, access management, and data processing.
In this section of the tutorial, we’d;
- Create an S3 bucket.
- Move local files to the bucket.
- Delete uploaded files from the bucket.
- Delete the bucket.
i. Creating a Bucket
In Amazon S3, buckets are containers or top-level folders where you store your files. Their names should be globally unique, meaning that they should have a name that doesn’t already exist across every other S3 bucket. The syntax to create an s3 bucket is:
aws s3 mb s3://<your-bucket-name>
In this tutorial, we are creating a bucket called jossy-test-bucket (replace jossy with your name), so we type:
aws s3 mb s3://jossy-test-bucket
If the bucket was successfully created, you should get this as an output:
You can also run aws s3 ls to list your s3 buckets.
ii. Upload Local Files to a Bucket
Now that we’ve created our bucket, let’s proceed to move some files from our computer to our newly created bucket. The syntax for moving a local file to an s3 bucket is:
aws s3 mv <file-to-upload.extension> s3://<destination-bucket>
In my case, I’d be uploading a picture titled my-picture.png from my Document’s folder to jossy-test-bucket, my newly created bucket. To make the process easier, it’s recommended you navigate to the folder your file is in, right from the CLI. In this case, all I did after opening my terminal was;
after navigating to the folder containing the document I wish to upload, we run this command:
aws s3 mv my-picture.png s3://jossy-test-bucket
to check if the upload was successful, run the following command to list the content in your bucket:
aws s3 ls s3://<your-bucket-name>
iii. Delete Uploaded Files From the Bucket
We’ve successfully uploaded a file to our bucket, let’s proceed to delete it. We do that using the following command:
aws s3 rm s3://<your-bucket-name>/<file-to-delete>
The command for deleting the local file we just uploaded would be:
aws s3 rm s3://jossy-test-bucket/my-picture.png
To check for successful deletion, run:
aws s3 ls s3://<your-bucket-name>
If it returns an empty list or a list of files excluding the file you specified in the deletion command, you’ve successfully deleted that file.
iv. Delete a Bucket
Deleting an Amazon S3 bucket is pretty straightforward with the following command:
aws s3 rb s3://<bucket-to-delete>
Note that a bucket has to be emptied before can it be deleted. To delete a bucket that isn’t empty, you append the aforementioned command with the –force option. So it looks this way:
aws s3 rb s3://<bucket-to-delete> --force
So to delete the bucket we created earlier, we run the following command:
aws s3 rb s3://jossy-test-bucket
If you were able to run all S3 operations via the CLI successfully, it is safe to say you have everything set up and ready to go. And now that you have the CLI properly configured, you can interact and make use of resources in AWS without having to sign in to the web console.