AWS Command Line Interface
User Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Using an HTTP Proxy

To access AWS through proxy servers, you can configure the HTTP_PROXY and HTTPS_PROXY environment variables with either the DNS domain names or IP addresses and port numbers used by your proxy servers.

Note

The examples below show the environment variable name in all upper-case letters. However, if you specify a variable twice - once with upper-case letters and once with lower-case letters, the one with lower-case letters wins. We recommend that you define each variable only once to avoid confusion and unexpected behavior.

The following examples show how you can use either the explicit IP address of your proxy or a DNS name that resolves to the IP address of your proxy. Either can be followed by a colon and the port number to which queries should be sent.

Linux, macOS, or Unix

$ export HTTP_PROXY=http://10.15.20.25:1234 $ export HTTP_PROXY=http://proxy.example.com:1234 $ export HTTPS_PROXY=http://10.15.20.25:5678 $ export HTTPS_PROXY=http://proxy.example.com:5678

Windows

C:\> setx HTTP_PROXY http://10.15.20.25:1234 C:\> setx HTTP_PROXY=http://proxy.example.com:1234 C:\> setx HTTPS_PROXY=http://10.15.20.25:5678 C:\> setx HTTPS_PROXY=http://proxy.example.com:5678

Authenticating to a Proxy

The AWS CLI supports HTTP Basic authentication. Specify the user name and password in the proxy URL, as follows.

Linux, macOS, or Unix

$ export HTTP_PROXY=http://username:password@proxy.example.com:1234 $ export HTTPS_PROXY=http://username:password@proxy.example.com:5678

Windows

C:\> setx HTTP_PROXY http://username:password@proxy.example.com:1234 C:\> setx HTTPS_PROXY=http://username:password@proxy.example.com:5678

Note

The AWS CLI doesn't support NTLM proxies. If you use an NTLM or Kerberos protocol proxy, you might be able to connect through an authentication proxy like Cntlm.

Using a Proxy on Amazon EC2 Instances

If you configure a proxy on an Amazon EC2 instance launched with an attached IAM role, ensure that you exempt the address used to access the instance metadata. To do this, set the NO_PROXY environment variable to the IP address of the instance metadata service, 169.254.169.254. This address does not vary.

Linux, macOS, or Unix

$ export NO_PROXY=169.254.169.254

Windows

C:\> setx NO_PROXY 169.254.169.254