Prerequisites to use the Amazon CLI version 2
To access Amazon services with the Amazon CLI, you need an Amazon Web Services account and IAM credentials. When running Amazon CLI commands, the Amazon CLI needs to have access to those Amazon credentials. To increase the security of your Amazon account, we recommend that you do not use your root account credentials. You should create a user with least privilege to provide access credentials to the tasks you'll be running in Amazon.
Create an IAM or IAM Identity Center administrative account
Before you can configure the Amazon CLI, you need to create an IAM or IAM Identity Center account.
Secure IAM users
After you sign up for an Amazon Web Services account, safeguard your administrative user by turning on multi-factor authentication (MFA). For instructions, see Enable a virtual MFA device for an IAM user (console) in the IAM User Guide.
To give other users access to your Amazon Web Services account resources, create IAM users. To secure your IAM users, turn on MFA and only give the IAM users the permissions needed to perform their tasks.
For more information about creating and securing IAM users, see the following topics in the IAM User Guide:
Next steps
After creating an Amazon Web Services account and IAM credentials, to use the Amazon CLI you can do one of the following:
-
Install the latest release of the Amazon CLI version 2 on your computer.
-
Install a past release of the Amazon CLI version 2 on your computer.
-
Access the Amazon CLI version 2 from your computer using a Docker image.
-
Access the Amazon CLI version 2 in the Amazon console from your browser using Amazon CloudShell. For more information see the Amazon CloudShell User Guide.