Configure AWS CLI¶
This guide will walk you through configuring the AWS CLI (aws
) for your IAM
user.
Fast Forward
If you have already configured aws
for your IAM user, expand this box to
fast-forward.
- Proceed to the Verify section.
See also
Choose one of the following options to configure the AWS CLI:
Overview
What You'll Need¶
Here is what you'll need based on where you have created your management environment.
- An AWS account.
- A created management environment on Kubernetes.
- An IAM user with elevated privileges.
- The Access Key ID for this IAM user.
- The Secret Access Key for this IAM user.
- An AWS account.
- A created management environment on Local Docker.
- An IAM user with elevated privileges.
- The Access Key ID for this IAM user.
- The Secret Access Key for this IAM user.
- An AWS account.
- A created management environment on AWS.
- An IAM role with elevated privileges.
Option 1: Configure AWS CLI Automatically (preferred)¶
Configure the AWS CLI by following the on-screen instructions on the
rok-deploy
user interface.
If rok-deploy
is not already running, start it with:
root@rok-tools:~# rok-deploy --run-from cli-aws
Proceed to the Summary section.
Option 2: Configure AWS CLI Manually¶
If you want to configure the AWS CLI manually, follow the instructions below.
Procedure¶
Create and configure the default AWS profile based on where you have created your management environment.
Provide your AWS credentials and your region:
root@rok-tools:~# aws configure
AWS Access Key ID [None]: *****************XYZ
AWS Secret Access Key [None]: *****************xyz
Default region name [None]: us-east-1
Default output format [None]:
Provide your AWS credentials and your region:
root@rok-tools:~# aws configure
AWS Access Key ID [None]: *****************XYZ
AWS Secret Access Key [None]: *****************xyz
Default region name [None]: us-east-1
Default output format [None]:
Provide your region:
root@rok-tools:~# aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]: us-east-1
Default output format [None]:
Once the above command completes you should see the following files in your management environment:
- AWS configuration file, at
/root/.aws/config
. - AWS credentials file, at
/root/.aws/credentials
.
Note
In case you already have an AWS CLI configuration that you want to reuse,
you can copy the config and credentials files into the rok-tools
container using docker cp
or kubectl cp
depending on your
environment.
Verify¶
Verify that your credentials are valid.
root@rok-tools:~# aws sts get-caller-identity { "UserId": "AIDASAMPLEUSERID", "Account": "123456789012", "Arn": "arn:aws:iam::123456789012:user/DevAdmin" }
root@rok-tools:~# aws sts get-caller-identity { "UserId": "AIDASAMPLEUSERID", "Account": "123456789012", "Arn": "arn:aws:iam::123456789012:user/DevAdmin" }
root@rok-tools:~# aws sts get-caller-identity { "Account": "123456789012", "UserId": "AROAV6Y2ROYW7V2SYMIYL:i-0926320f9adaf9b49", "Arn": "arn:aws:sts::123456789012:assumed-role/rok-tools/i-0926320f9adaf9b49" }
Verify you can access Amazon Kubernetes Service:
root@rok-tools:~# aws eks list-clusters { "clusters": [] }