AWS CLI Introduction

AWS CLI is a tool that provides an interface which can be used to perform almost all the functionalities of AWS Management Console in a command line environment. Using this tool , we can manage multiple AWS Services from the command line and even automate them using scripts. This tool is available for Windows, Mac OS and Linux.

Click on this link to go to the download page of AWS CLI tool for your Operating System.


After downloading and installing the AWS CLI tool, you can follow any one of the following methods depending upon your AWS Account to configure your CLI tool:

Standard AWS Account user:

Step 1: Login to your AWS Management Console from your Browser.

Step 2: Click on the Services -> Security, Identity & Compliance -> IAM

Step 2: Create a new user with the access type as “Programmatic Access”. You can set the access limit to certain Services in permissions. Now Click on Create User. You will see two entities named as access key and secret access key. Copy both in a file for further process.

Step 4: Open the command line of your OS (terminal for Linux, PowerShell /CMD for windows) and type the following command:

aws configure

Step 5: In the configuration menu provide the access key and secret access key which you’ve copied from the AWS Management Console earlier. Provide the region where you are going to deploy/use your services. Leave the default format section empty as it takes JSON as a default format. Press enter and voila! , you’ve successfully configured your AWS CLI to your IAM User Dashboard.

AWS Educate Account user:

Step 1: Login to your AWS Educate Starter account and click on Account Details.

Click on the Account Details button
Account Details Section

Step 2: Copy the entire content of AWS CLI section, paste and save it in the credentials file stored at:

Windows: C:\Users\<UserName>\.aws\credentialsLinux: /.aws/credentials

Note: Delete the contents of the credentials file before pasting.

Now that our AWS CLI has been successfully configured, let’s perform some tasks.

Creating a Key Pair:

A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove your identity when connecting to an instance. AWS EC2 stores the public key, and you store the private key.

  • To view all the existing key pairs:
aws ec2 describe-key-pairs --region us-east-1 
  • To create a new key pair:
Linux: aws ec2 create-key-pair --key-name MyKeyPair --query 'KeyMaterial' --output text > MyKeyPair.pemWindows: aws ec2 create-key-pair --key-name MyKeyPair --query 'KeyMaterial' --output text | out-file -encoding ascii -filepath MyKeyPair.pem
A new key pair has been successfully created and will be stored in the location where the command line is currently working.

The following command will generate a new SSH key using RSA encryption and will save it in your current working directory. You can use this key to log in to your EC2 Instances. For PowerShell, the > filename redirection defaults to UTF-8 encoding, which cannot be used with some SSH clients. So, you must convert the output by piping it to the out-file command and explicitly set the encoding to ascii.

A new key named MyKeyPair has been successfully created and is visible in AWS Management Consoe

Creating a Security Group:

A security group can be considered as a virtual firewall which monitors the inbound and outbound traffic of an EC2 instance. The inbound rules control the incoming traffic and the outbound rules control the outgoing traffic for an instance.

  • To view all the existing security groups:
aws ec2 describe-security-groups --region us-east-1
Currently available security groups in your AWS account
  • To create a new Security Group:
aws ec2 create-security-group --group-name "demo_security_group" --description "Just another Security group for demonstration" --region us-east-1
A new Security Group named “demo_security_group” has been created.

Now we will add some inbound rules in our newly created security group

aws ec2 authorize-security-group-ingress --group-name demo_security_group --protocol all --cidr
A new inbound rule has been added

Creating a new EC2 instance using the newly created key pair and security group:

  • To see the state of all the existing EC2 instances
aws ec2 describe-instances --region us-east-1
List of existing EC2 instances
  • Now we’ll create a new instance using Amazon Linux Image AMI (image id = ami-0947d2ba12ee1ff75).
aws ec2 run-instances  --region us-east-1 --image-id ami-0947d2ba12ee1ff75 --instance-type t2.micro --key-name MyKeyPair --security-group-ids sg-0e4d4dce28aa1389a --count 1
A new instance is created with the given properties
  • We can see the status of our newly created instance with given security group and key pair using the following command
aws ec2 describe-instances --instance-id <instance id of the created instance> --region us-east-1
The state of the instance is running
See the value of Security Group and Key name

Creating an EBS volume of 1 GB using AWS CLI tool:

AWS Elastic Block Storage provides raw block level storage which could be used as an additional directory for installation of various software and can be attached in any EC2 instance.

  • To create an EBS volume of 1 GB, use the following commands
aws ec2 create-volume --availability-zone us-east-1d --region us-east-1 --volume-type "gp2" --size 1 --tag-specifications 'ResourceType="volume",Tags=[{Key=name,Value=attach_volume}]'
An EBS volume of size 1 GB has been created
Newly created EBS volume as seen from AWS Management Console

Attaching the newly created EBS volume to the previously created EC2 instance:

  • Execute the following command to attach the EBS volume to your EC2 instance
aws ec2 attach-volume --instance-id i-001b138d8b7b6f7fc --volume-id vol-0f92667f65959bf01 --device /dev/xvdh --region us-east-1
State of the EBS volume can be seen as attaching

You can go to AWS Management Console to verify that your EBS volume has been successfully attached.

The state of EBS volume is changed to in-use after getting attached to the instance
Here we can see that the EBS Volume of size 1 GB is attached to the instance alongside the root volume of 8 GB

Voila! We have successfully created a key pair, a security group and used them both in creating an EC2 instance. We have further created an EBS volume of size 1 GB and attached it to the instance. And all of it has been done using AWS CLI tool!


Use the commands given below to delete the above setup if required.

aws ec2 detach-volume --instance-id i-001b138d8b7b6f7fc --volume-id vol-0f92667f65959bf01 --region us-east-1
State of the EBS volume has changed to “detaching”
aws ec2 delete-volume --volume-id vol-0f92667f65959bf01 --region us-east-1
The EBS volume of 1 GB has been deleted successfully
aws ec2 terminate-instances --instance-ids i-001b138d8b7b6f7fc --region us-east-1
Current state of the instance can be seen as “shutting-down”
The instance has been successfully terminated
aws ec2 delete-security-group --group-name demo_security_group --region us-east-1
aws ec2 delete-key-pair --key-name MyKeyPair --region us-east-1
MyKeyPair has been successfully deleted
demo_security_group has been successfully deleted




Final Year Undergrad from Indian Institute of Information Technology Ranchi interested in learning the ins and outs of Technology

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How AirOps Consulting Automatically Generates Documents using Airtable and On2Air to Save 3–4…

Sprint After Sprint, Amidst Coronavirus Chaos

Reflections on the fourth — and final! — week of the Makers pre-course

Determining Compound InterestWhat You Learned


How I Explain OOP to a Data Scientist in 5 Minutes

Rockin’ in Raleigh: at All Things Open and Tech & Pints

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Akshansh Singh

Akshansh Singh

Final Year Undergrad from Indian Institute of Information Technology Ranchi interested in learning the ins and outs of Technology

More from Medium

How to use AWS EC2, EBS, and S3 services using AWS CLI…

Using AWS S3 & Cloudfront To Host Your Resume on a Static Webpage


Use Jumbo Frames — MTU to Improve AWS EC2 Performance