Configure AWS CLI

This guide will walk you through configuring the AWS CLI (aws) for your IAM user.

Fast Forward

If you have already configured aws for your IAM user, expand this box to fast-forward.

1. Proceed to the Verify section.

See also

• Official AWS CLI configuration guide.

Choose one of the following options to configure the AWS CLI:

• Option 1: Configure AWS CLI Automatically (preferred).
• Option 2: Configure AWS CLI Manually.

What You'll Need

Here is what you'll need based on where you have created your management environment.

Kubernetes

Local Docker

EC2 Instance

• An AWS account.
• A created management environment on Kubernetes.
• An IAM user with elevated privileges.
• The Access Key ID for this IAM user.
• The Secret Access Key for this IAM user.

• An AWS account.
• A created management environment on Local Docker.
• An IAM user with elevated privileges.
• The Access Key ID for this IAM user.
• The Secret Access Key for this IAM user.

• An AWS account.
• A created management environment on AWS.
• An IAM role with elevated privileges.

Option 1: Configure AWS CLI Automatically (preferred)

Configure the AWS CLI by following the on-screen instructions on the rok-deploy user interface.

If rok-deploy is not already running, start it with:

root@rok-tools:~# rok-deploy --run-from cli-aws

Proceed to the Summary section.

Option 2: Configure AWS CLI Manually

If you want to configure the AWS CLI manually, follow the instructions below.

Procedure

Create and configure the default AWS profile based on where you have created your management environment.

Kubernetes

Local Docker

EC2 Instance

Provide your AWS credentials and your region:

root@rok-tools:~# aws configure
AWS Access Key ID [None]: *****************XYZ
AWS Secret Access Key [None]: *****************xyz
Default region name [None]: us-east-1
Default output format [None]:

Provide your AWS credentials and your region:

root@rok-tools:~# aws configure
AWS Access Key ID [None]: *****************XYZ
AWS Secret Access Key [None]: *****************xyz
Default region name [None]: us-east-1
Default output format [None]:

Provide your region:

root@rok-tools:~# aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]: us-east-1
Default output format [None]:

Once the above command completes you should see the following files in your management environment:

• AWS configuration file, at /root/.aws/config.
• AWS credentials file, at /root/.aws/credentials.

Note

In case you already have an AWS CLI configuration that you want to reuse, you can copy the config and credentials files into the rok-tools container using docker cp or kubectl cp depending on your environment.

Verify

1. Verify that your credentials are valid.

   Kubernetes

   Local Docker

   EC2 Instance

   root@rok-tools:~# aws sts get-caller-identity
   {
       "UserId": "AIDASAMPLEUSERID",
       "Account": "123456789012",
       "Arn": "arn:aws:iam::123456789012:user/DevAdmin"
   }
   

   root@rok-tools:~# aws sts get-caller-identity
   {
       "UserId": "AIDASAMPLEUSERID",
       "Account": "123456789012",
       "Arn": "arn:aws:iam::123456789012:user/DevAdmin"
   }
   

   root@rok-tools:~# aws sts get-caller-identity
   {
       "Account": "123456789012",
       "UserId": "AROAV6Y2ROYW7V2SYMIYL:i-0926320f9adaf9b49",
       "Arn": "arn:aws:sts::123456789012:assumed-role/rok-tools/i-0926320f9adaf9b49"
   }
   

2. Verify you can access Amazon Kubernetes Service:

   root@rok-tools:~# aws eks list-clusters
   {
       "clusters": []
   }
   

Summary

You have successfully configured the AWS CLI for your IAM user in your management environment.

What's Next

The next step is to set up your cloud environment.

• Set Up Cloud Environment

PreviousNext