You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
While the Management Console is great for exploration and visual tasks, the AWS Command Line Interface (CLI) is essential for automation, scripting, and efficient day-to-day operations. AWS CloudShell gives you a browser-based terminal with the CLI pre-installed, so you can start running commands without any local setup.
The AWS CLI is a unified command-line tool that lets you interact with AWS services by typing commands in a terminal. Anything you can do in the console, you can do with the CLI — and more.
| Benefit | Explanation |
|---|---|
| Speed | A single command can replace multiple console clicks |
| Scripting | Chain commands in Bash, PowerShell, or Python scripts |
| Automation | Integrate with CI/CD pipelines and cron jobs |
| Reproducibility | Save commands in version-controlled scripts |
| Bulk operations | Operate on hundreds of resources with loops and filters |
The CLI is available for macOS, Linux, and Windows.
# Download and install the latest version
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
Download the MSI installer from https://awscli.amazonaws.com/AWSCLIV2.msi and run it.
aws --version
# aws-cli/2.x.x Python/3.x.x Darwin/23.x.x source/arm64
Before you can use the CLI, you need to provide your credentials and default settings.
aws configure
This prompts for four values:
| Setting | Example | Description |
|---|---|---|
| Access Key ID | AKIAIOSFODNN7EXAMPLE | From your IAM user's security credentials |
| Secret Access Key | wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY | Paired with the access key |
| Default Region | eu-west-2 | The Region commands will target by default |
| Output Format | json | json, text, table, or yaml |
Credentials are stored in ~/.aws/credentials and settings in ~/.aws/config.
You can configure multiple profiles for different accounts or roles:
aws configure --profile production
aws configure --profile development
Then specify which profile to use:
aws s3 ls --profile production
Or set an environment variable:
export AWS_PROFILE=production
aws s3 ls # uses the production profile
Every AWS CLI command follows this pattern:
aws <service> <action> [options]
# List all S3 buckets
aws s3 ls
# Describe all EC2 instances
aws ec2 describe-instances
# Create a DynamoDB table
aws dynamodb create-table \
--table-name Users \
--attribute-definitions AttributeName=UserId,AttributeType=S \
--key-schema AttributeName=UserId,KeyType=HASH \
--billing-mode PAY_PER_REQUEST
# Get the caller identity (who am I?)
aws sts get-caller-identity
# JSON (default)
aws ec2 describe-instances --output json
# Human-readable table
aws ec2 describe-instances --output table
# Tab-separated text (great for scripting)
aws ec2 describe-instances --output text
# YAML
aws ec2 describe-instances --output yaml
The --query parameter uses JMESPath syntax to filter and shape output:
# Get just the instance IDs
aws ec2 describe-instances \
--query 'Reservations[*].Instances[*].InstanceId' \
--output text
# Get instance ID and state
aws ec2 describe-instances \
--query 'Reservations[*].Instances[*].[InstanceId,State.Name]' \
--output table
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.