Prerequisites to use the AWS CLI version 2
To access AWS services with the AWS CLI, you need an AWS account and IAM credentials. When running AWS CLI commands, the AWS CLI needs to have access to those AWS credentials. To increase the security of your AWS account, we recommend that you do not use your root account credentials. You should create a user with least privilege to provide access credentials to the tasks you'll be running in AWS.
Create an IAM or IAM Identity Center administrative account
Before you can configure the AWS CLI, you need to create an IAM or IAM Identity Center account.
To create an administrator user, choose one of the following options.
| Choose one way to manage your administrator | To | By | You can also |
|---|---|---|---|
| In IAM Identity Center (Recommended) | Use short-term credentials to access AWS. This aligns with the security best practices. For information about best practices, seeSecurity best practices in IAM in theIAM User Guide. | Following the instructions inGetting started in theAWS IAM Identity Center User Guide. | Configure programmatic access byConfiguring the AWS CLI to use AWS IAM Identity Center in theAWS Command Line Interface User Guide. |
| In IAM (Not recommended) | Use long-term credentials to access AWS. | Following the instructions in Create an IAM user for emergency access in theIAM User Guide. | Configure programmatic access byManage access keys for IAM users in theIAM User Guide. |
Next steps
After creating an AWS account and IAM credentials, to use the AWS CLI you can do one of the following:
Install the latest release of the AWS CLI version 2 on your computer.
Install a past release of the AWS CLI version 2 on your computer.
Access the AWS CLI version 2 from your computerusing a Docker image.
Access the AWS CLI version 2 in the AWS console from your browser using AWS CloudShell. For more information see theAWS CloudShell User Guide.
