Skip to main content



If installed with Brew, the "examples" directory is at /usr/local/share/awscli/examples.


V1 reference:

Use --dry-run to check if you have the required permissions.

Don't use the root user

do not use the AWS account root user access keys for any task where it's not required. Instead, create a new administrator IAM user with access keys for yourself source

Best practices for managing AWS access keys

  • Remove (or don't generate) an account access key
  • Use temporary security credentials (IAM roles) instead of long-term access keys


~/.aws/credentials and ~/.aws/config

aws configure help

aws configure is the fastest way to set up your AWS CLI installation

aws sts get-caller-identity -> Returns details about the IAM user or role whose credentials are used to call the operation - source. You can do aws sts get-caller-identity --query Account --output text to get only the account ID.

aws configure list-profiles

aws configure list

aws configure list --profile <profile-name>

Configure: aws configure --profile <profile-name> -> Asks for AWS Access Key ID, AWS Secret Access Key, Default region name and Default output format.

Set value: aws configure set <varname> <value> [--profile profile-name], eg aws configure set region us-east-1 --profile default

~/.aws/config example:


~/.aws/credentials example:

# aws_session_token=

Filtering AWS CLI output

Use --query <key> to select. See for how to query.

Use --output text/json/yaml/yaml-stream to change the output format.