Table of contents

Use AWS on the command line

💡 Before you can access something in AWS, you need to set up your AWS account.


1. Create ~/.aws/config

  1. You can find the role_arn in the “Role ARN” table in the docs
  2. You can find your mfa_serial under “Assigned MFA device” in your user profile in the AWS Console:

Aws how to get mfa

Create ~/.aws/config:

[profile govuk-<environment>]
source_profile = gds
role_arn = <Role ARN>
mfa_serial = <MFA ARN>

[profile gds]
region = eu-west-1

2. Create ~/.aws/credentials

First, create a pair of access keys.

Aws how to get access keys

Create ~/.aws/credentials:

[gds]
aws_access_key_id = <access key id>
aws_secret_access_key = <secret access key>

3. Test it! 🚀

To test your configuration run:

aws --profile govuk-integration s3 ls

You should be prompted for an MFA token. If successful, you should receive some output.

This page was last reviewed . It needs to be reviewed again by the page owner #govuk-2ndline.