The AWS Command Line Interface(CLI)is a unified tool to manage AWS services.With just one tool to download and configure,you can control multiple AWS services from the command line and automate them through scripts
We can download the AWS tolls by using this URL:https://aws.amazon.com/cli/
You can select the setup file based on your system architecture,if you are a windows user.
Amazon Linux will get the CLI tools pre-installed
- Here is the url to get all the commands for each and every AWS service: http://docs.aws.amazon.com/cli/latest/reference/
Steps to configure CLI tools on windows Operating systems
- First we have to download the setup file from the above mentioned web page,then follow the simple installation wizard.
- After installing these tools,we can use the windows command prompt to connect to AWS resources/services.
- To verify CLI tools installation,open command prompt and enter“AWS–version”,it should return with installed version information as the below image
4. But we cannot configure CLI tools using IAM Management console access users,we need to have Programmatic Access IAM use.
5. When we create a Programmatic Access IAM user we will get Access key ID and Secret Access Key.Please create a user and allocate appropriate permissions.
6. To configure IAM user in local windows machine,we have to“AWS configure”command
7. Enter the AWS Access Key ID and then enter the Secret Access key,choose the default region and default output format.
8. We have successfully configured the CLI tools and now try to access any of the AWS resource from the CLI configured device.Here am trying to list my S3 buckets for that am using aws s3ls command
9. We are able to get the details that means we are connecting to AWS account resources by using the Programmatic access IAM user credentials.
10. But,the IAM user credentials will store in a directory called. aws,In windows the path is C:\Users\Windows User Name\.aws,if you open credentials file,we will get the Configured IAM user’s Aceess Key ID and Secret Access Key
11. In Linux,The .aws directory will store under/(root)and It is a hidden directory,we can give ls–a command to get it,and inside the.aws directory we will have config and credentials files
12. In the above image,I’ve logged into the linux instance and switched to root,looked for aws directory,but it is not existed.Then Configured the IAM user with Access Key IA and Secret Access Key and accessed the AWS resources and we get the required resource information
13. After installing CLI IAM user,we got .aws directory under/(give ls–a to verify),inside that .aws directory we have config and credentials files,Credential file will contains the Access Key id and secret access key.
14. So this is not a secure method,any body can view these credentials and configure CLI tools on their own machines and they may access,So amazon will recommend to use the ROLES instead of storing the credentials in local machines
Policy:A policy is a JSON document that fully defines a set of permissions to access and Manipulate AWS resources.Policy documents contain one or more permissions.
More Information :https://www.fgrade.com/aws/iam-roles/