Prerequisites to use the AWS CLI version 2
To access AWS services with the AWS CLI, you need an AWS account and IAM credentials. When running AWS CLI commands, the AWS CLI needs to have access to those AWS credentials. To increase the security of your AWS account, we recommend that you do not use your root account credentials. You should create a user with least privilege to provide access credentials to the tasks you'll be running in AWS.
Create an IAM or IAM Identity Center administrative account
Before you can configure
To create an administrator user, choose one of the following options.
| Choose one way to manage your administrator | To | By | You can also |
|---|---|---|---|
| In IAM Identity Center (Recommended) |
Use short-term credentials to access AWS. This aligns with the security best practices. For information about best practices, see Security best practices in IAM in the IAM User Guide. |
Following the instructions in Getting started in the AWS IAM Identity Center User Guide. | Configure programmatic access by Configuring the AWS CLI to use AWS IAM Identity Center in the AWS Command Line Interface User Guide. |
| In IAM (Not recommended) |
Use long-term credentials to access AWS. | Following the instructions in Creating your first IAM admin user and user group in the IAM User Guide. | Configure programmatic access by Managing access keys for IAM users in the IAM User Guide. |
Next steps
After creating an AWS account and IAM credentials, to use the AWS CLI you can do one of the following:
-
Install the latest release of the AWS CLI version 2 on your computer.
-
Install a past release of the AWS CLI version 2 on your computer.
-
Access the AWS CLI version 2 from your computer using a Docker image.
-
Access the AWS CLI version 2 in the AWS console from your browser using AWS CloudShell. For more information see the AWS CloudShell User Guide.
