How To Install And Configure AWS CLI On Windows OS
Welcome to CloudAffaire and this is Debjeet.
In this blog post, we will discuss how to install and configure AWS CLI on Windows OS. AWS Command Line Interface (AWS CLI) is an open-source tool that enables you to interact with AWS services using commands in your command-line shell. With minimal configuration, you can start using functionality equivalent to AWS Management Console from the command prompt in your favorite terminal program. AWS CLI supports all the major operating systems and using AWS CLI you can administer all the IaaS (infrastructure as a service) services provided by AWS.
- One active AWS account with admin access.
- Windows XP or later OS version with admin access.
How To Install AWS CLI On Windows OS:
Step 1: Log in to your windows system and download the latest version of AWS CLI using the below link.
Step 2: Double click on the downloaded installer and click on “Run”.
Step 3: Follow the installation wizard and click ‘Install’ to install AWS CLI on your system.
Click on ‘Finish’ once the installation is completed.
Step 4: Validate the installation by executing the below command on the command prompt.
If you get the AWS CLI version that means your installation was successful. Next, we are going to configure AWS CLI.
How to configure AWS CLI on Windows OS:
AWS CLI require three mandatory parameters (access_key, secret_key, and region) to access the resource in your AWS account. You get the access_key and secret_key, when you create an IAM user with programmatic access or assume a role. The region parameter defines the region where AWS CLI will interact with the resources.
AWS CLI Configuration Parameters:
There are several configuration parameters available for AWS CLI that can be passed along with AWS CLI commands.
- access_key: Specifies an AWS access key associated with an IAM user or role.
- secret_key: Specifies the secret key associated with the access key. This is essentially the “password” for the access key.
- region: Specifies the AWS Region to send the request to.
- output: Specifies the output format to use. Output can be in text, json or table format.
- profile: Specifies the name of the CLI profile with the credentials and options to use. This can be the name of a profile stored in a credentials or config file
- session_token: Specifies an AWS session token. Used when you assume an IAM role.
- ca_bundle: Specifies a CA certificate bundle (a file with the .pem extension) that is used to verify SSL certificates.
AWS CLI Configuration Options:
There are several ways you can configure AWS CLI. The AWS CLI uses a set of credential providers to look for AWS credentials. Each credential provider looks for credentials in a different place, such as the system or user environment variables, local AWS configuration files, or explicitly declared on the command line as a parameter. Below is the precedence order for configuration settings.
- Command line options: Value that are passed directly (for example –region) with aws cli has the highest precedence.
- Environment variables: Value that are set as environment variable (for example AWS_DEFAULT_REGION) has the second highest precedence.
- Configuration Files: Values that are defined in configuration files (for example region in config file) has lowest precedence.
Using Configuration Files: You can save your frequently used configuration settings and credentials in files that are maintained by the AWS CLI. The files are divided into sections that can be referenced by name. These are called “profiles”. Unless you specify otherwise, the CLI uses the settings found in the profile named default. To use alternate settings, you can create and reference additional profiles.
Using Environment Variables: Environment variables provide another way to specify configuration options and credentials, and can be useful for scripting or temporarily setting a named profile as the default.
Using Instance Profile: When you run the AWS CLI from within an Amazon EC2 instance, you can simplify providing credentials to your commands. Each Amazon EC2 instance contains metadata that the AWS CLI can directly query for temporary credentials. To provide these, create an AWS Identity and Access Management (IAM) role that has access to the resources needed, and attach that role to the AWS EC2 instance when you launch it.
Next, we will configure AWS CLI using the configuration file option.
Prerequisite for this demo:
- One IAM user having admin access to AWS with programmatic access.
You can refer below blog posts to create IAM users.
Step 1: Open a command prompt and type ‘aws configure’. Provide the IAM user ‘Access Key’ and ‘Secret Key’ and the default region for your AWS infra.
Step 2: Validate the AWS CLI configuration using the below command.
aws sts get-caller-identity
Note: In Windows, the configuration files will be created in C:\Users\<USERNAME>\.aws\config location and In Linux, the config files will be created in ~/.aws/ location.
Step 3: Execute your 1st AWS CLI command.
aws ec2 describe-vpcs --output text --query "Vpcs[*].[VpcId]"
Hope you have enjoyed this blog post. To install AWS CLI on a different OS, please refer below AWS documentation.