What is AWS CloudShell? - AWS CloudShell

What is AWS CloudShell?

AWS CloudShell is a browser-based, pre-authenticated shell that you can launch directly from the AWS Management Console. You can run AWS CLI commands against AWS services using your preferred shell, such as Bash, PowerShell, or Z shell. And, you can do this without needing to download or install command line tools.

   AWS CloudShell interface after launch

When you launch AWS CloudShell, a compute environment that's based on Amazon Linux 2 is created. Within this environment, you can access an extensive range of pre-installed development tools, options for uploading and downloading files, and file storage that persists between sessions.

(Try it now: Tutorial: Getting started with AWS CloudShell.)

AWS CloudShell features

AWS Command Line Interface

You can launch AWS CloudShell from the AWS Management Console, and the AWS credentials that you used to sign in to the console are automatically available in a new shell session. This pre-authentication of AWS CloudShell users allows you to skip configuring credentials when interacting with AWS services using AWS CLI version 2. The AWS CLI is pre-installed on the shell's compute environment.

For more information on interacting with AWS services using the command-line interface, see Working with AWS services in AWS CloudShell.

Shells and development tools

With the shell that's created for AWS CloudShell sessions, you can switch seamlessly between your preferred command-line shells. More specifically, you can switch between Bash, PowerShell, and Z shell. You also have access to pre-installed tools and utilities. These include git, make, pip, sudo, tar, tmux, vim, wget, and zip.

The shell environment is pre-configured with support for leading software languages. For example, you can run Node.js and Python projects without needing to first perform runtime installations. PowerShell users can use the .NET Core runtime.

Files that are created in or uploaded to AWS CloudShell can also be committed to a local repository before they're pushed to a remote repository that's managed by AWS CodeCommit.

For more information, see AWS CloudShell compute environment: specifications and software.

Persistent storage

With AWS CloudShell, you can use up to 1 GB of persistent storage for each AWS Region at no additional cost. Persistent storage is located in your home directory ($HOME) and is private to you. Unlike ephemeral environment resources that are recycled after each shell session ends, data in your home directory persists between sessions.

For more information about the retention of data in persistent storage, see Persistent storage.


The AWS CloudShell environment and its users are protected by specific security features such as IAM permissions management, shell session restrictions, and Safe Paste for text input.

Permissions management with IAM

Administrators can grant and deny permissions to AWS CloudShell users using IAM policies. Administrators can also create policies that specify at a granular level the particular actions that those users can perform with the shell environment. For more information, see Managing AWS CloudShell access and usage with IAM policies.

Shell session management

Inactive and long-running sessions are automatically stopped and recycled. For more information, see Shell sessions.

Safe Paste for text input

Enabled by default, Safe Paste is a security feature that asks you to verify that multiline text that you're about to paste into the shell doesn't contain malicious scripts. For more information, see Using Safe Paste for multiline text.

Customization options

You can customize your AWS CloudShell experience by changing screen layouts (multiple tabs), text sizes, and light/dark interface themes. For more information, see Customizing your AWS CloudShell experience.

You can also extend your shell environment by installing your own software and modifying start-up shell scripts.

Session restore

The session restore functionality restores sessions that you were running across single or multiple browser tabs in the CloudShell terminal. If you refresh or reopen recently closed browser tabs, this functionality resumes the session until the shell is stopped because of inactive session. To continue using your CloudShell session, press any key within the terminal window. For more information about Shell sessions, see Shell sessions.

Session restore also restores the latest terminal output and running processes in each terminal tabs.


Session restore isn't available in mobile applications.


AWS CloudShell is an AWS service that's available at no additional charge. However, you pay for other AWS resources that you run with AWS CloudShell. Moreover, standard data transfer rates also apply.

For more information, see Service quotas and restrictions for AWS CloudShell.

How do I get started?

To start working with the shell, sign in to the AWS Management Console and choose AWS CloudShell from the home page.

    Choosing AWS CloudShell in the AWS Management Console.

For instructions on how to sign in to the AWS Management Console and performing key tasks with AWS CloudShell, see Tutorial: Getting started with AWS CloudShell.

Key AWS CloudShell topics