AWS CLI Commands Cheatsheet

All the generic AWS CLI Commands you need to know — MacOS Specific

Dasika Madhu

Published in

AWS in Plain English

8 min readJul 10, 2021

What is AWS CLI?

“The AWS Command Line Interface (AWS CLI) is an open source tool that enables you to interact with AWS services using commands in your command-line shell.”

Knowing how to interact with the AWS Services via the Console or APIs is insufficient and learning how to leverage CLI is an important aspect of AWS, especially for developers. After installation, it can be used to retrieve data quickly and automate processes. AWS CLI can be used to control all the existing services from a single tool.

AWS CLI Versions

Version 2.x — The current version is primarily used in production environments.
Version 1.x — The previous version is available for backward compatibility.

AWS CLI Command Structure

Regular command structure

$ aws ec2 import-key-pair --key-name KeyPair.pem --public-key-material file:///Users/<mac-user-name>/Downloads/KeyPair.pem

Multi-line command structure

$ aws ec2 import-key-pair \> --key-name KeyPair.pem \> --public-key-material file:///Users/<mac-user-name>/Downloads/KeyPair.pem

Using wait command pauses and resumes execution after confirming that the operation is ready to run

AWS CLI Command Structure including ‘wait’

$ aws iam wait user-exists --user-name default

Using the wizard to call the CLI Wizard GUI

$ aws iam wizard

Create an alias for frequently used commands

$ whoami = sts get-caller-identity

AWS CLI Commands

To check the existing version of AWS CLI

$ aws --version

AWS CLI Version

To check where AWS CLI is installed

$ which aws

Where AWS CLI is installed

Uninstall Version 1.x — when installed using pip

$ pip3 uninstall awscli

Uninstall Version 1.x — when installed using bundler installer

$ sudo rm -rf /usr/local/aws$ sudo rm /usr/local/bin/aws

Uninstalling AWS CLI Version 1.x — bundler installer

Install Version 2.x which supports multiple platforms including:

macOS install using the bundler installer user interface (append specific version number at the end of the URL) — download the .pkg file and follow all the on-screen instructions

https://awscli.amazonaws.com/AWSCLIV2.pkg https://awscli.amazonaws.com/AWSCLIV2-2.0.30.pkg // Version 2.x https://s3.amazonaws.com/aws-cli/awscli-bundle-1.19.3.zip // Version 1.x

Installation is possible from two perspectives — root user for all the users on the computer (with sudo) or current user (without sudo)

macOS install using the CLI

curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"// curl "https://awscli.amazonaws.com/AWSCLIV2-2.0.30.pkg" -o "AWSCLIV2.pkg" -> for Version 2.xsudo installer -pkg AWSCLIV2.pkg -target /

To uninstall AWS CLI Version 2.x

$ s -l /usr/local/bin/aws$ sudo rm /usr/local/bin/aws_completer$ sudo rm -rf /usr/local/aws-cli

To configure the AWS CLI, the default profile values are prompted for and are stored in the credentials file

$ aws configureAWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLEAWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEYDefault region name [None]: us-east-1Default output format [None]: JSON

// DEFAULT VALUES[default]
aws_access_key_id = EXAMPLE 
aws_secret_access_key = EXAMPLEKEY 
region = us-west-2
output = json

To configure a profile produser with different access keys, region and output settings

$ aws configure --profile produser

To access data authorized for a specific user produser (user with AdministratorAccess policy), in this case, S3 bucket information

$ aws s3 ls --profile produser

To change the setting for a profile produser and retrieve the setting to view confirm the change

$ aws configure set region us-west-2 --profile produser$ aws configure get region --profile produser

set and get region

To remove a setting from a profile

$ aws configure set cli_pager "" --profile produser$ aws configure get cli_pager --profile produser

Edit settings of an existing profile

To check existing profiles and switch between profiles

$ aws configure list-profile$ export AWS_PROFILE=MadhuNimeshika$ aws configure list

Display existing profiles and switching between them

To import .csv files generated in the IAM Console and display user details

$ cd <.csv-path>$ aws configure import --csv file://new_user_credentials.csv$ aws configure list

Import and display user .csv file details

To set Environment Variables

$ export AWS_ACCESS_KEY_ID = AKIAIOSFODNN7EXAMPLE$ export AWS_SECRET_ACCESS_KEY = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY$ export AWS_DEFAULT_REGION = us-west-2

To check config file

$ cd /Users/<mac-user-name>/.aws$ ls$ cat config

To enable command completion

Confirm that the aws completer folder is in your shell path

$ which aws_completer

To confirm the completer’s folder is in your path

2. Enable command completion after confirmation

$ complete -C '/usr/local/bin/aws_completer' aws

3. Verify command completion working

$ aws sTAB$ aws eTAB

Auto prompt searches and suggest all the possible commands

To use auto-prompt in ‘full mode’ and view documentation (press F3)

$ aws --cli-auto-prompt

2. To use auto-prompt in ‘partial mode’

$ aws <service-name> --cli-auto-prompt

To get help

$ aws help$ aws <service-name> help$ aws <service-name> <operation> help

To set output format from the available options — json, text, table yaml, yaml-stream

$ aws iam list-users --output json$ aws iam list-users --output text

existing IAM user data in json and text formats

To get a return code to confirm the status of the command

$ echo $?

To configure a wizard in the CLI

$  aws configure wizard

To use Wizard (only available for specific services)

Following AWS Services have the wizard option

aws configure
dynamodb (new-table)
iam (new-role)
events (new-rule)
lambda (new-function)

2. Use the wizard option in the command to call the Wizard GUI

$ aws iam wizard new-role — add role name & description

$ aws iam wizard new-role — choose which service the role can use

$ aws iam wizard new-role — attach existing policies

$ aws iam wizard new-role — create a new role

To create and use aliases for frequently used CLI commands

Create an alias file with no extension in your existing .aws configuration folder and echo ‘top level’

*You can edit the alias file directly using any text editor or using vim in the terminal

$ mkdir -p ~/.aws/cli$ echo '[toplevel]' > ~/.aws/cli/alias

2. Create alias (via CLI or add via text editor to the alias file) and call alias

*The [top-level] command is required for all alias files. An error -unable to parse config file .aws/cli/alias will be shown.

$ mkdir -p ~/.aws/cli$ echo '[toplevel]' > ~/.aws/cli/alias$ vim ~/.aws/cli/alias[toplevel]listbucket = s3 ls$ aws listbucket

using an alias to retrieve bucket details

Locate AWS CLI files in your Mac

Open Finder
Open your Mac — Volume under locations
Open Users
Open your <mac-user-name> folder
Open the .aws folder

You should be able to see the config, credentials, and any other files created

References

AWS has a lot of documentation on the CLI. These are the ones I followed to write this blog.

AWS CLI Command Reference
AWS CLI — Github for Version 2.x
AWS Aliases — Github

If you stuck around to read this blog till here, thank you! Hope it was helpful.

Let me know if there are any other commands that you use that I haven’t included and I will look into adding them here.

More content at plainenglish.io