How To Install And Configure AWS CLI on Ubuntu 16.04
AWS(Amazon Web Services) is one of the first best public cloud service provider. It has grown to such an extent that now cloud is very much synonymous to aws. One of the reasons for its popularity is the easy to use web interface and the wide range of services offered.
Apart from the easy to use web interface, they also provide a command line based tool to access different services. This is a handy tool, that can be used to automate, trigger some events, and do things in aws cloud from a linux cli. Basically services like EC2 (create instances, stop instances etc), S3 (store and retrieve files), cloudwatch monitoring, elastic load balancing, autoscaling, and many more can all be accessed using this cli tool. It is called AWS CLI.
In this article, we will be going through the steps to install AWS CLI on Ubuntu 16.04 operating system.
Method 1: Using apt repository to install aws cli
root@localhost:~# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=16.04 DISTRIB_CODENAME=xenial DISTRIB_DESCRIPTION="Ubuntu 16.04.2 LTS"
The easiest way to install it using apt-get command as shown below.
root@localhost:~# apt-get update && apt-get install awscli
Lets now see the version of awscli that got installed.
root@localhost:~# aws --version aws-cli/1.11.13 Python/3.5.2 Linux/4.4.0-1022-aws botocore/1.4.70
The only problem with this method of installing aws cli using apt-get is that you wont be getting the very latest version. AWS CLI is continuously evolving (more and more services and features are added to it on a regular basis), and you wont be getting the latest features and services if you install it via apt-get. An alternate method is to install it as a python package using pip. Lets install AWS CLI on ubuntu 16.04 using Python Pip and then at the end lets walk through on configuring it and using it.
Method 2: Installing Using Python Pip
The very first step is to install python pip package manager. It can be achieved using the below command.
root@localhost:~# apt-get update && apt-get install python-pip
The next step is to install aws cli using pip command.
root@localhost:~# pip install awscli
Lets now verify the version that we installed using pip. It should be latest compared to the apt-get version we got earlier.
root@localhost:~# aws --version aws-cli/1.11.128 Python/2.7.12 Linux/4.4.0-1022-aws botocore/1.5.91
Configuring AWS CLI
To access aws services using cli, we need to provide the access key and secret key along with a default region. This can be done using a subcommand provided by aws cli. See below(following steps are exactly the same irrespective of whichever method of installation you chose).
root@localhost:~# aws configure AWS Access Key ID [None]: AAJHADKA723KAHSUWXNAK82Q AWS Secret Access Key [None]: EasfAUH8jsdsa\asfhwe&SHASNAKSOW872392jSMAs Default region name [None]: us-east-1 Default output format [None]:
aws configure command will prompt you for access key and secret key (You can enter your access key and secret key there, followed by the region, where your service is located. In the above example i have used us-east-1).
aws configure command creates two configuration files in the home directory of the user (the user using which you fired the aws configure command). This configuration file is located under .aws directory under the home directory.
root@localhost:~# cd .aws/ root@ip-10-12-2-254:~/.aws# ls config credentials
There are two files inside the .aws directory. One is "config" and the other is "credentials". Config file contains configurations like the region and output format that we entered duringaws configure command. Credentials file contains the access key and the secret key.
root@ip-10-12-2-254:~/.aws# cat config [default] region = us-east-1 root@ip-10-12-2-254:~/.aws# cat credentials [default] aws_access_key_id = AAJHADKA723KAHSUWXNAK82Q aws_secret_access_key = EasfAUH8jsdsa\asfhwe&SHASNAKSOW872392jSMAs
Now that we know what aws configure does, we can easily create the .aws directory(along with config and credentials files. This removes the need for us to manually fire aws configure command.)
Remember the fact that only the user whose home directory has .aws with credentials and config files with appropriate content can execute aws related commands.
Another alternative method is to configure two environment variables in the linux shell. One variable will be called AWS_ACCESS_KEY_ID and the other will be called AWS_SECRET_ACCESS_KEY. So basically without aws configure and without .aws directory with "config" and "credentials" file, you can simply fire the below two commands and start using aws cli to access your services.
root@localhost:~# export AWS_ACCESS_KEY_ID=AAJHADKA723KAHSUWXNAK82Q root@loclahost:~# export AWS_SECRET_ACCESS_KEY=EasfAUH8jsdsa\asfhwe&SHASNAKSOW872392jSMAs root@localhost:~# export AWS_DEFAULT_REGION=us-east-1
How to configure AWS CLI for all users in the system?
It is quite simple. Open the file /etc/environment and add the below two lines(replace it with correct access key and secret key).
ubuntu@localhost:~$ cat /etc/environment PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games" AWS_ACCESS_KEY_ID=AAJHADKA723KAHSUWXNAK82Q AWS_SECRET_ACCESS_KEY=EasfAUH8jsdsa\asfhwe&SHASNAKSOW872392jSMAs AWS_DEFAULT_REGION=us-east-1
Note that we only added the last two lines above. This file is invoked whenever a user logs in. So these environment variables will be set for all users. Hence all users in the system should be able to access aws cli and interact with the cloud services.
How to Verify if AWS CLI configuration?
This can be done by trying to interact with some of the aws cloud services using the cli. Try executing any of the below commands and see if it works without any issue.
aws s3 ls
The above command will get the listing of all s3 buckets in your account.
aws ec2 describe-instances
That should list all the instances in your account.
aws ec2 stop-instances --instance-ids i-da2345532
That should stop the instance with that id.
aws ec2 start-instances --instance-ids i-da2345532
Please keep the fact in mind that all these operations will only succeed if you have assigned proper required permission sets to the access key and secret key of the IAM user that you are using in the configuration.
Add new comment