AWS CloudShell compute environment: specifications and software
When you launch AWS CloudShell, a compute environment that's based on Amazon Linux 2023
Compute environment resources
Each AWS CloudShell compute environment is assigned the following CPU and memory resources:
-
1 vCPU (virtual central processing unit)
-
2-GiB RAM
And, the environment is provisioned with the following storage configuration:
-
1-GB persistent storage (storage persists after the session ends)
For more information, see Persistent storage.
CloudShell network requirements
WebSockets
CloudShell depends on the WebSocket protocol, which allows two-way
interactive communication between the user's web browser and the CloudShell service in the
AWS Cloud. If you're using a browser in a private network, secure access to the internet is
probably facilitated by proxy servers and firewalls. WebSocket communication can usually traverse
proxy servers without a problem. But in some cases, proxy servers prevent WebSockets from working
correctly. If this issue occurs, your CloudShell interface reports the following error:
Failed to open sessions : Timed out while opening the session
.
If this error occurs repeatedly, see the documentation for your proxy server to ensure that it's configured to allow WebSockets. Alternatively, you can contact your network's system administrator.
Note
If you want to define granular permissions by allow-listing specific URLs, you can add part of the URL that the AWS Systems Manager session uses to open a WebSocket connection for sending input and receiving outputs. (Your AWS CloudShell commands are sent to that Systems Manager session.)
The format for this StreamUrl used by Systems Manager is wss://ssmmessages.region.amazonaws.com/v1/data-channel/session-id?stream=(input|output)
.
The region represents the Region identifier for an AWS
Region supported by AWS Systems Manager, such as us-east-2
for the US East (Ohio)
Region.
Because the session-id is created after a particular Systems Manager session is successfully started, you can only specify
wss://ssmmessages.region.amazonaws.com
when updating your URL allowlist.
For more information, see the StartSession operation
in the AWS Systems Manager API Reference.
Pre-installed software
Note
Because the AWS CloudShell development environment is regularly updated to provide access to the
latest software, we don't provide specific version numbers in this documentation. Instead, we
describe how you can check which version is installed. To check the installed version, enter the
program name followed by the --version
option (for example, git
--version
).
Shells
Name | Description | Version information |
---|---|---|
Bash |
The Bash shell is the default shell application for AWS CloudShell. |
|
PowerShell (pwsh) |
Offering a command line interface and scripting language support, PowerShell is built on
top of Microsoft’s .NET Command Language Runtime. PowerShell uses lightweight commands called
|
|
Z Shell (zsh) |
The Z Shell, also known as |
|
AWS command line interfaces (CLI)
Name | Description | Version information |
---|---|---|
AWS CDK Toolkit CLI |
The AWS CDK Toolkit, the CLI command, For more information, see AWS CDK Toolkit. |
|
AWS CLI |
The AWS CLI is a command line interface that you can use to manage multiple AWS
services from the command line and automate them using scripts. For more information, see
Manage AWS services from CLI in CloudShell. For information about how you can ensure that you're using the most up-to-date version AWS CLI version 2, see Installing AWS CLI to your home directory. |
|
EB CLI |
The AWS Elastic Beanstalk CLI provides a command line interface to simplify creating, updating, and monitoring environments from a local repository. For more information, see Using the Elastic Beanstalk command line interface (EB CLI) in the AWS Elastic Beanstalk Developer Guide. |
|
Amazon ECS CLI |
Amazon Elastic Container Service (Amazon ECS) command line interface (CLI) provides high-level commands to simplify creating, updating, and monitoring clusters and tasks. For more information, see Using the Amazon ECS Command Line Interface in the Amazon Elastic Container Service Developer Guide. |
|
AWS SAM CLI |
AWS SAM CLI is a command line tool that operates on an AWS Serverless Application Model template and application code. You can perform several tasks. These include invoking Lambda functions locally, creating a deployment package for your serverless application, and deploying your serverless application to the AWS Cloud. For more information, see the AWS SAM CLI command reference in the AWS Serverless Application Model Developer Guide. |
|
AWS Tools for PowerShell | The AWS Tools for PowerShell are PowerShell modules that are built on the functionality exposed by
the AWS SDK for .NET. With AWS Tools for PowerShell, you can script operations on your AWS resources from the
PowerShell command line. AWS CloudShell pre-installs the modularized version (AWS.Tools) of the AWS Tools for PowerShell. For more information, see Using the AWS Tools for PowerShell in the AWS Tools for PowerShell User Guide. |
|
Runtimes and AWS SDKs: Node.js and Python 3
Name | Description | Version information |
---|---|---|
Node.js (with npm) |
Node.js is a JavaScript runtime that's designed to make it easier to apply
asynchronous programming techniques. For more information, see the documentation on the official Node.js
site npm is a package manager that provides access to an online registry of JavaScript
modules. For more information, see the documentation
on the official npm site |
|
SDK for JavaScript in Node.js |
The software development kit (SDK) helps simplify coding by providing JavaScript objects for AWS services including Amazon S3, Amazon EC2, DynamoDB, and Amazon SWF. For more information, see the AWS SDK for JavaScript Developer Guide. |
|
Python |
Python 3 is ready to use in the shell environment. Python 3 is now considered the
default version of the programming language (support for Python 2 ended in January 2020).
For more information, see the documentation on the
official Python site Also, pre-installed is pip, the package installer for Python. You can use this command
line program to install Python packages from the online indexes such as the Python Package
Index. For more information, see the documentation provided by the Python Packaging Authority |
|
SDK for Python (Boto3) |
Boto is the software development kit (SDK) that Python developers use to create, configure, and manage AWS services, such as Amazon EC2 and Amazon S3. The SDK provides an easy-to-use, object-oriented API, as well as low-level access to AWS services. For more information, see the Boto3
documentation |
|
Development tools and shell utilities
Name | Description | Version information |
---|---|---|
bash-completion |
bash-completion is a collection of shell functions that allow the autocompletion of
partially typed commands or arguments by pressing the Tab
key. You can find the packages that bash-completion supports in
To set up autocomplete for a package's commands, the program file must be sourced. For
example, to set up autocomplete for Git commands, add the following line to
If you want to use custom completion scripts, add them to your persistent home
directory ( For more information, see the project's README |
|
Git |
Git is a distributed version control system that supports modern software development
practices through branch workflows and content staging. For more information, see the
documentation page on Git's official site |
|
iputils |
The iputils package contains utilities for Linux networking. For more information
about the utilities provided, see the iputils repository on GitHub |
Examples for an iputils tool: |
jq | The jq utility parses JSON-formatted data to produce output that's modified by command
line filters. For more information, see the jq manual hosted on GitHub |
|
kubectl |
kubectl is a command line tool for communicating with a Kubernetes cluster's control plane, using the Kubernetes API. |
|
make |
The make utility uses makefiles to automate sets of tasks and
organize code compilation. For more information, see the GNU Make documentation |
|
man |
The man command provides manual pages for command line utilities and tools. For
example, man ls returns the manual page for the ls command that
lists the contents of directories. For more information, see the Wikipedia entry on man page |
|
nano | nano is a small and user-friendly editor for text-based interface. For more
information, see the GNU nano
documentation |
|
procps |
procps is a system administration utility that you can use to monitor and halt
currently running processes. For more information, see the README file that lists
programs that can be run with procps. |
|
SSH client |
SSH clients use the secure shell protocol for encrypted communications with a remote
computer. OpenSSH is the SSH client that's pre-installed. For more information, see the
OpenSSH site |
|
sudo |
With the sudo utility, users can run a program with the security permissions of
another user, typically the superuser. Sudo is useful when you need to install applications
as a system administrator. For more information, see the Sudo Manual |
|
tar |
tar is a command line utility that you can use to group multiple files in a single
archive file (often called a tarball). For more information, see the GNU tar documentation |
|
tmux |
tmux is a terminal multiplexer that you can use to run different programs simultaneous
in multiple windows. For more information, see a blog that provides a
concise introduction to tmux |
|
unzip |
For more information, see zip/unzip. | |
vim |
vim is a customizable editor that you can interact with through a text-based
interface. For more information, see the documentation resources provided on vim.org |
|
wget |
wget is a computer program used to retrieve content from web servers specified by
endpoints in the command line. For more information, see the GNU Wget documentation |
|
zip/unzip |
The zip/unzip utilities use an archive file format that delivers lossless data compression without data loss. Call the zip command to group and compress files in a single archive. Use unzip to extract files from an archive into a specified directory. |
|
Docker |
Docker |
|
Installing AWS CLI to your home directory
Like the rest of the software that's pre-installed in your CloudShell environment, the AWS CLI tool is updated automatically with scheduled upgrades and security patches. If you want to ensure that you have the most up-to-date version of AWS CLI, you can choose to manually install the tool in the shell's home directory.
Important
You need to manually install your copy of AWS CLI in the home directory so that it's
available the next time you start a CloudShell session. This installation is needed because
files that are added to directories outside of $HOME
are deleted after you
finish a shell session. Also, after you install this copy of AWS CLI, it isn't automatically
updated. In other words, it's your responsibility to manage updates and security patches.
For more information about the AWS Shared Responsibility Model, see Data protection in AWS CloudShell.
To install AWS CLI
-
In the CloudShell command line, use the
curl
command to transfer a zipped copy of the AWS CLI installed to the shell:curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
-
Unzip the zipped folder:
unzip awscliv2.zip
-
To add the tool to a specified folder, run the AWS CLI installer:
sudo ./aws/install --install-dir /home/cloudshell-user/usr/local/aws-cli --bin-dir /home/cloudshell-user/usr/local/bin
If it's installed successfully, the command line displays the following message:
You can now run: /home/cloudshell-user/usr/local/bin/aws --version
-
For your own convenience, we recommend that you also update the
PATH
environmental variable so that you don't need to specify the path to your installation of the tool when runningaws
commands:export PATH=/home/cloudshell-user/usr/local/bin:$PATH
Note
If you undo this change to
PATH
,aws
commands that don't feature a specified path use the pre-installed version of AWS CLI by default.
Installing third-party software on your shell environment
Note
We recommend that you review the Shared Security Responsibility Model
By default, all AWS CloudShell users have sudo permissions. Therefore, you can use the
sudo
command to install software that's not already available in the shell's
compute environment. For example, you can use sudo
with the DNF package-management
utility to install cowsay
, which generates ASCII art pictures of a cow with a
message:
sudo dnf install cowsay
You can then launch the newly installed program by typing echo "Welcome to AWS
CloudShell" | cowsay
.
Important
Package manage utilities such as dnf install programs in directories
(/usr/bin
, for example), which are recycled when your shell session ends.
This means additional software is installed and used on a per-session basis.
Modifying your shell with scripts
If you want to modify the default shell environment, you can edit a shell script that runs
every time the shell environment starts up. The .bashrc
script runs whenever
the default bash shell starts up.
Warning
If you incorrectly modify your .bashrc
file, you might not be able to
access your shell environment afterward. It's good practice to make a copy of the file before
editing. You can also mitigate risk by opening two shells when editing
.bashrc
. If you lose access in one shell, you're still logged in into the
other shell and can roll back any changes.
If you do lose access after incorrectly modifying .bashrc
or any other
file, you can return AWS CloudShell to its default settings by deleting your home directory.
In the procedure, you'll modify the .bashrc
script so that your shell
environment switches automatically to running the Z shell.
-
Open the
.bashrc
using a text editor (Vim, for example):vim .bashrc
-
In the editor interface, press the I key to start editing, and then add the following:
zsh
-
To exit and save the edited
.bashrc
file, press Esc to enter the Vim command mode and enter the following::wq
-
Use the
source
command to reload the.bashrc
file:source .bashrc
When the command line interface becomes available again, the prompt symbol has changed to
%
to indicate that you're now using the Z shell.