How to set-up the Amazon Web Services Command Line Interface (CLI)

Codefactori logo

Addteq’s Codefactori is a complete solution for software development teams, providing a hosted and managed software development solution centered around your tools. Given that our hosted Codefactori applications are in AWS, we use AWS’s Command Line Interface (CLI) to access and manage these systems. The AWS CLI is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

Because we run multiple applications we use specific profiles to access specific regions and software. Likewise, we manage access by using the profile option within CLI commands.  This keeps our access secure, ensuring each key is only used for a specific product or customer within Addteq.

Install AWS CLI

The first thing you will need to do is set up the AWS CLI.  Amazon provides clear instructions on how to install the AWS CLI tool on each platform at the following link.

https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html

Setup AWS CLI

Once AWS CLI is installed, you should be able to verify it by running the following command:

				
					$ aws --version
aws-cli/1.21.12 Python/3.8.10 Linux/5.13.0-39-generic botocore/1.22.10
				
			

The next step will be to configure the CLI to access AWS through your access key.

				
					$ aws configure
AWS Access Key ID [None]: AVCDDWJORMBFLFXZKANL
AWS Secret Access Key [None]: vUGWI5N6w0fm66Tjv82QN03fYVERlspeNg0gZLE3
Default region name [None]: us-east-1
Default output format [None]:
				
			

We can view our configurations by running the following command.  This is helpful to identify where our configuration files are stored if we ever need to change or add other accounts to connect as.

				
					$ aws configure list
      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************KANL shared-credentials-file   
secret_key     ****************ZLE3 shared-credentials-file   
    region                us-east-1      config-file    ~/.aws/config
				
			

Configuring Multiple Profiles

Because AWS allows us to create multiple access keys with different levels of permissions, we may need to manage multiple access keys.  The following steps can be used to set up and use multiple profiles within the AWS CLI.

				
					$ aws configure --profile test2
AWS Access Key ID [None]: IVZGIKLVGTMGGBVYOVXE
AWS Secret Access Key [None]: LgIXDMn7opDwesEkn1040dvQwb1Kl9p5D17HgAy9
Default region name [None]: us-west-1
Default output format [None]:


				
			

All configuration files for AWS CLI are stored in the same location and can be retrieved by using the `aws configure list` command seen above. We can look in the `~/.aws` directory at the config and credentials file.

				
					~/.aws$ cat credentials
[default]
aws_access_key_id = AVCDDWJORMBFLFXZKANL
aws_secret_access_key = vUGWI5N6w0fm66Tjv82QN03fYVERlspeNg0gZLE3
[test2]
aws_access_key_id = IVZGIKLVGTMGGBVYOVXE
aws_secret_access_key = LgIXDMn7opDwesEkn1040dvQwb1Kl9p5D17HgAy9
				
			

Within the credentials file, are the 2 profiles we have configured.  First is the default profile and second is the test2 profile we created too.

Using Multiple Profiles

With this setup, we can now run AWS CLI commands using 2 different sets of access keys.

The first key has access to s3, this is using our default profile.

				
					$ aws s3 ls
2021-10-29 09:25:22 bucket1
2021-10-29 09:24:43 bucket2
2021-10-09 15:44:43 bucket3
2021-10-06 15:59:09 bucket4
				
			

The second command uses the profile test2 and it does not have access to ListBuckets operation for S3.

				
					$ aws s3 ls --profile test2
 
An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
				
			

 By using the –profile we can change what access key we use within AWS CLI.

Would you like to automate your Atlassian and DevOps hosting needs?

M-Enabling Summit 2022 – Key takeaways

I attended the 2022 M-Enabling Summit in Washington DC on 24th October. M-Enabling Summit brings together key decision-makers from all sectors facilitating unique exchanges, collaborations,

Leave a Reply

Your email address will not be published. Required fields are marked *