AWS CloudShell compute environment: specifications and software - AWS CloudShell

AWS CloudShell compute environment: specifications and software

When you launch AWS CloudShell, a compute environment that's based on Amazon Linux 2 is created to host the shell experience. The environment is configured with compute resources (vCPU and memory) and provides a wide range of pre-installed software that can be accessed from the command line interface. You can also configure your default environment by installing software and modifying shell scripts.

Compute environment resources

Each AWS CloudShell compute environment is assigned the following CPU and memory resources:

  • 1 vCPU (virtual central processing unit)

  • 2 GiB RAM

In addition, the environment is provisioned with the following storage configuration:

  • 1 GB persistent storage (storage persists after the session ends)

For more information, see Persistent storage.


Currently, the AWS CloudShell compute environment doesn't support Docker containers.

CloudShell network requirements

Web Sockets

CloudShell depends on the Web Socket protocol, which allows two-way interactive communication between the user's web browser and the CloudShell service in the AWS Cloud. If you're using a browser in a private network, secure access to the Internet is probably facilitated by proxy servers and firewalls. Web Socket communication can usually traverse proxy servers without a problem. But in some cases, proxy servers prevent Web Sockets from working correctly. If this occurs, your CloudShell interface reports the following error: Failed to open sessions : Timed out while opening the session.

If this error occurs repeatedly, see the documentation for your proxy server to ensure it's configured to allow Web Sockets. Alternatively, contact your network's system administrator.


If you want to define more granular permissions by allow-listing specific URLs, you can add part of the URL that the AWS Systems Manager session uses to open a WebSocket connection for sending input and receiving outputs. (Your AWS CloudShell commands are sent to that Systems Manager session.)

The format for this StreamUrl used by Systems Manager is wss://|output).

The region represents the Region identifier for an AWS Region supported by AWS Systems Manager, such as us-east-2 for the US East (Ohio) Region.

Because the session-id is created after a particular Systems Manager session is successfully started, you can only specify wss:// when updating your URL allow-list. For more information, see the StartSession operation in the AWS Systems Manager API Reference.

Pre-installed software


Because the AWS CloudShell development environment is regularly updated to provide access to the latest software, we don't provide specific version numbers in this documentation. Instead, we describe how you can check which version is installed. Often this can be done by entering the program name followed by the --version option (for example, git --version).


Pre-installed shells
Name Description Version information


The Bash shell is the default shell application for AWS CloudShell.

bash --version


Offering a command line interface and scripting language support, PowerShell is built on top of Microsoft’s .NET Command Language Runtime. PowerShell uses lightweight commands called cmdlets that accept and return .NET objects.


Z Shell (zsh)

The Z Shell, also known as zsh, is an extended version of the Bourne Shell that offers enhanced customization support for themes and plugins.

zsh --version

AWS command line interfaces (CLI)

Name Description Version information


The AWS CLI is a command line interface that you can use to manage multiple AWS services from the command line and automate them using scripts. For more information, see Working with AWS services in AWS CloudShell.

For information about how you can ensure that you're using the most up-to-date version AWS CLI version 2, see Installing AWS CLI to your home directory.

aws --version


The AWS Elastic Beanstalk CLI provides a command line interface to simplify creating, updating, and monitoring environments from a local repository.

For more information, see Using the Elastic Beanstalk command line interface (EB CLI) in the AWS Elastic Beanstalk Developer Guide.

eb --version

Amazon ECS CLI

Amazon Elastic Container Service (Amazon ECS) command line interface (CLI) provides high-level commands to simplify creating, updating, and monitoring clusters and tasks.

For more information, see Using the Amazon ECS Command Line Interface in the Amazon Elastic Container Service Developer Guide.

ecs-cli --version


AWS SAM CLI is a command line tool that operates on an AWS Serverless Application Model template and application code. You can perform several tasks. These include invoking Lambda functions locally, creating a deployment package for your serverless application, and deploying your serverless application to the AWS Cloud.

For more information, see the AWS SAM CLI command reference in the AWS Serverless Application Model Developer Guide.

sam --version

Runtimes and AWS SDKs: Node.js and Python 3

Runtimes and AWS SDKs
Name Description Version information

Node.js (with npm)

Node.js is a JavaScript runtime that's designed to make it easier to apply asynchronous programming techniques. For more information, see the documentation on the official Node.js site.

npm is a package manager that provides access to an online registry of JavaScript modules. For more information, see the documentation on the official npm site.

  • Node.js: node --version

  • npm: npm --version

SDK for JavaScript in Node.js

This software development kit (SDK) helps simplify coding by providing JavaScript objects for AWS services including Amazon S3, Amazon EC2, DynamoDB, and Amazon SWF. For more information, see the AWS SDK for JavaScript Developer Guide.

npm -g ls --depth 0 2>/dev/null | grep aws-sdk


Both Python 3 and Python 2 are both ready to use in the shell environment. Python 3 is now considered the default version of the programming language (support for Python 2 ended in January 2020). For more information, see the documentation on the official Python site.

Also, pre-installed is pip, the package installer for Python. You can use this command line program to install Python packages from the online indexes such as the Python Package Index. For more information, see the documentation provided by the Python Packaging Authority.

  • Python 2: python --version

  • Python 3: python3 --version

  • pip: pip3 --version

SDK for Python (Boto3)

Boto is the software development kit (SDK) that Python developers use to create, configure, and manage AWS services, such as EC2 and S3. The SDK provides an easy-to-use, object-oriented API, as well as low-level access to AWS services.

For more information, see the Boto3 documentation.

pip3 list | grep boto3

Development tools and shell utilities

Development tools and shell utilities
Name Description Version information


bash-completion is a collection of shell functions that allow the autocompletion of partially typed commands or arguments by pressing the Tab key. You can find the packages that bash-completion supports in /usr/share/bash-completion/completions.

To set up autocomplete for a package's commands, the program file must be sourced. For example, to set up autocomplete for Git commands, add the following line to .bashrc so the feature is available whenever your AWS CloudShell session starts:

source /usr/share/bash-completion/completions/git

If you want to use custom completion scripts, add them to your persistent home directory ($HOME) and source them directly in .bashrc.

For more information, see the project's README page on GitHub.

yum info bash-completion

CodeCommit utility for Git

git-remote-codecommit is a utility that provides a simple method for pushing and pulling code from CodeCommit repositories by extending Git. It's the recommended method for supporting connections that are made with federated access, identity providers, and temporary credentials.

For more information, see Setup steps for HTTPS connections to AWS CodeCommit with git-remote-codecommit in the AWS CodeCommit User Guide.

pip3 list | grep git-remote-codecommit


Git is a distributed version control system that supports modern software development practices through branch workflows and content staging. For more information, see the documentation page on Git's official site.

git --version


The iputils package contains utilities for Linux networking. For more information about the utilities provided, see the iputils repository on GitHub.

Examples for an iputils tool: arping -V

jq The jq utility parses JSON-formatted data to produce output that's modified by command line filters. For more information, see the jq manual hosted on GitHub.

jq --version


The make utility uses makefiles to automate sets of tasks and organize code compilation. For more information, see the GNU Make documentation.

make --version


The man command provides manual pages for command line utilities and tools. For example, man ls returns the manual page for the ls command that lists the contents of directories. For more information, see the Wikipedia entry on man page.

man --version


procps is a system administration utility that you can use to monitor and halt currently running processes. For more information, see the README file that lists programs that can be run with procps.

ps --version

SSH client

SSH clients use the secure shell protocol for encrypted communications with a remote computer. OpenSSH is the SSH client that's pre-installed. For more information, see the OpenSSH site maintained by the OpenBSD.

ssh -V


With the sudo utility, users can run a program with the security privileges of another user, typically the superuser. Sudo is useful when you need to install applications as a system administrator. For more information, see the Sudo Manual.

sudo --version


tar is a command line utility that you can use to group multiple files in a single archive file (often called a tarball). For more information, see the GNU tar documentation.

tar --version.


tmux is a terminal multiplexer that you can use to run different programs simultaneous in multiple windows. When running, tmux displays information about the current session in a status bar at the bottom of the window. For more information, see a blog that provides a concise introduction to tmux.

tmux -V


See zip/unzip

vim is a customizable editor that users interact with through a text-based interface. For more information, see the documentation resources provided on

vim --version


wget is a computer program used to retrieve content from web servers specified by endpoints in the command line. For more information, see the GNU Wget documentation.

wget --version


The zip/unzip utilities use an archive file format that delivers lossless data compression without data loss. Call the zip command to group and compress files in a single archive. Use unzip to extract files from an archive into a specified directory.

unzip --version

zip --version

Installing AWS CLI to your home directory

Like the rest of the software that's pre-installed in your CloudShell environment, the AWS CLI tool is updated automatically with scheduled upgrades and security patches. If you want to ensure that you have the most up-to-date version of AWS CLI, you can choose to manually install the tool in the shell's home directory.


You need to manually install your copy of AWS CLI in the home directory so that it's available the next time you start a CloudShell session. This is because files that are added to directories outside of $HOME are deleted after you finish a shell session. Note also that, after you install this copy of AWS CLI, it isn't automatically updated. In other words, it's your responsibility to manage updates and security patches.

For more information about the AWS Shared Responsibility Model, see Data protection in AWS CloudShell.

To install AWS CLI

  1. First, in the CloudShell command line, use the curl command to transfer a zipped copy of the AWS CLI installed to the shell:

    curl "" -o ""
  2. Unzip the zipped folder:

  3. Now run the AWS CLI installer to add the tool to a specified folder:

    sudo ./aws/install --install-dir /home/cloudshell-user/usr/local/aws-cli --bin-dir /home/cloudshell-user/usr/local/bin

    If it's installed successfully, the command line displays the following message:

    You can now run: /home/cloudshell-user/usr/local/bin/aws --version
  4. For your own convenience, we recommend that you also update the PATH environmental variable so that you don't need to specify the path to your installation of the tool when running aws commands:

    export PATH=/home/cloudshell-user/usr/local/bin:$PATH

    If you undo this change to PATH, aws commands that don't feature a specified path use the pre-installed version of AWS CLI by default.

Installing third-party software on your shell environment


We recommend that you review the Shared Security Responsibility Model before you install any third-party applications to the AWS CloudShell's compute environment.

By default, all AWS CloudShell users have sudo privileges. Therefore, you can use the sudo command to install software that's not already available in the shell's compute environment. For example, you can use sudo with the YUM package-management utility to install the GNU nano text editor:

sudo yum install nano

You can then launch the newly installed program by typing nano.


Package manage utilities such as yum install programs in directories (/usr/bin, for example), which are recycled when your shell session ends. This means additional software is installed and used on a per-session basis.

Modifying your shell with scripts

If you want to modify the default shell environment, you can edit a shell script that runs every time the shell environment starts up. The .bashrc script runs whenever the default bash shell starts up.


If you incorrectly modify your .bashrc file, you might not be able to access your shell environment afterward. It's good practice to make a copy of the file before editing. You can also mitigate risk by opening two shells when editing .bashrc. If you lose access in one shell, you're still logged into the other shell and can roll back any changes.

If you do lose access after incorrectly modifying .bashrc or any other file, you can return AWS CloudShell to its default settings by deleting your home directory.

In the procedure, you'll modify the .bashrc script so that your shell environment switches automatically to running the Z shell.

  1. Open the .bashrc using a text editor (Vim, for example):

    vim .bashrc
  2. In the editor interface, press the I key to start editing and add the following:

  3. To exit and save the edited .bashrc file, press Esc to enter the Vim command mode and enter the following:


  4. Use the source command to reload the .bashrc file:

    source .bashrc

    When the command line interface becomes available again, the prompt symbol has changed to % to indicate that you're now using the Z shell.

Deleting your home directory


Deleting your home directory is an irreversible action in which all the data that's stored in your home directory is deleted permanently. However, you might want to consider this option in the following situations:

  • You've incorrectly modified a file and can't access the AWS CloudShell compute environment. Deleting your home directory returns AWS CloudShell to its default settings.

  • You want to remove all your data from AWS CloudShell immediately. Note that, if you stop using AWS CloudShell in an AWS Region, persistent storage is automatically deleted at the end of the retention period unless you launch AWS CloudShell again in the Region.

If you require long-term storage for your files, please consider a service such as Amazon S3 or CodeCommit.

To delete your home directory and reset AWS CloudShell

  1. In the CloudShell interface, choose Actions, Delete AWS CloudShell home directory.

  2. In the dialog box, enter the word "delete" to activate the Delete option.

      Activating the Delete home directory button.
  3. Choose Delete.

    A new AWS CloudShell compute environment with default settings is created and started. You can confirm the deletion by running the ls command in the home directory.