Table of contents

Use AWS on the command line

💡 Before you can access something in AWS, you need to set up your AWS account.

💡 You will need to install the AWS Command Line Interface.


1. Create ~/.aws/config

  1. You can find the role_arn in the “Role ARN” table
  2. You can find your mfa_serial under “Assigned MFA device” in your user profile in the AWS Console, under the IAM service:

Aws how to get mfa

Create ~/.aws/config:

[profile govuk-<environment>]
source_profile = gds
role_arn = <Role ARN>
mfa_serial = <MFA ARN>

[profile gds]
region = eu-west-1
mfa_serial = <MFA ARN>

2. Create ~/.aws/credentials

First, create a pair of access keys.

Aws how to get access keys

Create ~/.aws/credentials:

[gds]
aws_access_key_id = <access key id>
aws_secret_access_key = <secret access key>

3. Test it! 🚀

To test your configuration run:

aws --profile govuk-integration s3 ls

You should be prompted for an MFA token. If successful, you should receive some output.

This page was last reviewed on 29 January 2019. It needs to be reviewed again on 29 April 2019 by the page owner #govuk-2ndline .
This page was set to be reviewed before 29 April 2019 by the page owner #govuk-2ndline. This might mean the content is out of date.