AWS CLI Download for Mac: Step-by-Step

By /

Okay, here’s a very detailed article (approaching 5000 words) covering the AWS CLI download and installation process for macOS, broken down into a step-by-step guide with explanations, troubleshooting, and advanced configurations.

AWS CLI Download for Mac: Step-by-Step

This comprehensive guide provides a detailed walkthrough of downloading, installing, configuring, and using the AWS Command Line Interface (CLI) version 2 on macOS. We’ll cover everything from prerequisites to advanced configuration options, ensuring you have a solid understanding of the entire process. We’ll focus on best practices and address common troubleshooting scenarios.

Table of Contents

  1. Introduction to the AWS CLI

    • What is the AWS CLI?
    • Why Use the AWS CLI?
    • AWS CLI Version 1 vs. Version 2
    • Prerequisites

  2. Step-by-Step Installation Guide (Recommended Method: Installer Package)

    • Step 1: Download the AWS CLI Installer
    • Step 2: Run the Installer Package
    • Step 3: Verify the Installation
    • Step 4: Configure the AWS CLI (Initial Setup)
      • Access Key ID and Secret Access Key
      • Default Region
      • Default Output Format
      • Using aws configure
    • Step 5: Test Your Configuration

  3. Alternative Installation Methods

    • Using Homebrew (Recommended for Developers)
      • Installing Homebrew (if you don’t have it)
      • Installing the AWS CLI using Homebrew
      • Verifying the Homebrew Installation
    • Using pip (Python Package Installer)
      • Prerequisites for pip Installation
      • Installing the AWS CLI using pip
      • Potential PATH Issues and Solutions
      • Verifying the pip Installation
    • Manual Download and Installation (Not Recommended)
      • Downloading from AWS
      • Unzipping and Running Installer
      • PATH Considerations
    • Installing via AWS CloudShell (For Temporary Access)

  4. Understanding AWS CLI Configuration

    • The ~/.aws/credentials File
    • The ~/.aws/config File
    • Profiles
      • Creating Named Profiles
      • Using Named Profiles
    • Environment Variables
      • Setting Environment Variables
      • Precedence of Configuration Methods
    • IAM Roles
      • Using IAM Roles with the AWS CLI
      • Configuring Source Profile and Role ARN
      • Benefits of Using IAM Roles
    • SSO and temporary credentials

  5. Basic AWS CLI Usage

    • General Command Structure
    • Getting Help (--help)
    • Working with Amazon S3
      • Listing Buckets
      • Uploading Files
      • Downloading Files
      • Creating Buckets
    • Working with Amazon EC2
      • Listing Instances
      • Starting and Stopping Instances
      • Describing Instances
    • Working with IAM
      • Listing Users
      • Creating Users

  6. Advanced Configuration Options

    • Auto-Completion
    • Customizing Output
      • --query (JMESPath)
      • --output text
      • --output table
    • Endpoint Configuration
    • Proxy Settings
    • AWS CLI Paginator
      • Controlling Pagination

  7. Troubleshooting

    • “Command Not Found” Error
    • “Unable to Locate Credentials” Error
    • “An error occurred (AccessDenied)” Error
    • “An error occurred (InvalidClientTokenId)” Error
    • “An error occurred (ExpiredToken)” Error
    • Connectivity Issues
    • Version Conflicts
    • Permission Issues
    • Debugging with --debug

  8. Keeping the AWS CLI Updated

    • Using the Installer (Re-run the Installer)
    • Using Homebrew (brew upgrade awscli)
    • Using pip (pip install --upgrade awscli)

  9. Uninstalling the AWS CLI

    • Uninstalling via Installer Package
    • Uninstalling via Homebrew
    • Uninstalling via pip

  10. Best Practices

    • Use IAM Roles Whenever Possible
    • Avoid Hardcoding Credentials
    • Use Named Profiles for Different Accounts/Environments
    • Keep the AWS CLI Updated
    • Familiarize Yourself with the --help Option
    • Use Auto-Completion
    • Leverage --query for Efficient Output Filtering

1. Introduction to the AWS CLI

  • What is the AWS CLI?

    The AWS Command Line Interface (CLI) is a unified tool that allows you to interact with AWS services from your terminal or command prompt. It provides a consistent interface to manage various AWS resources, such as EC2 instances, S3 buckets, IAM users, and many more, using commands instead of the AWS Management Console’s graphical user interface.

  • Why Use the AWS CLI?

    The AWS CLI offers several advantages over the AWS Management Console:

    • Automation: You can script and automate tasks, making it ideal for repetitive operations, deployments, and infrastructure-as-code.
    • Efficiency: For experienced users, the CLI can often be faster than navigating the web console.
    • Programmatic Access: The CLI is easily integrated into scripts and applications, enabling programmatic control over AWS resources.
    • Consistency: The CLI provides a consistent interface across different operating systems (macOS, Windows, Linux).
    • Infrastructure as Code (IaC): The CLI is essential for managing infrastructure using tools like AWS CloudFormation, Terraform, or AWS CDK.
    • Speed: Quickly spin up or modify resources.

  • AWS CLI Version 1 vs. Version 2

    There are two major versions of the AWS CLI:

    • AWS CLI Version 1: The older version, still supported but generally recommended to upgrade.
    • AWS CLI Version 2: The latest version, with improved features, installation methods, and performance. It has fewer external dependencies, making it more reliable. This guide focuses on Version 2.

  • Prerequisites

    Before installing the AWS CLI, ensure you have the following:

    • macOS: This guide is specifically for macOS. The instructions may vary slightly for different macOS versions, but the general process remains the same.
    • An AWS Account: You need an AWS account to use the AWS CLI. If you don’t have one, you can create a free tier account at https://aws.amazon.com/free/.
    • IAM User with Appropriate Permissions: You’ll need an IAM (Identity and Access Management) user with the necessary permissions to access the AWS services you intend to use. It’s best practice not to use your root AWS account credentials. Create an IAM user with specific permissions. See the “Understanding AWS CLI Configuration” section for more details on IAM.
    • Terminal Access: You’ll need to use the Terminal application (found in /Applications/Utilities) to interact with the AWS CLI.
    • Internet Connection: An active internet connection is required to download the installer and communicate with AWS services.

2. Step-by-Step Installation Guide (Recommended Method: Installer Package)

This is the recommended installation method for most users due to its simplicity and reliability.

  • Step 1: Download the AWS CLI Installer

    Go to the official AWS CLI download page for macOS: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
    Navigate to the macOS section and find the link for the pkg installer. Click the link to download the installer package (e.g., AWSCLIV2.pkg).

  • Step 2: Run the Installer Package

    1. Locate the downloaded file: The downloaded file (AWSCLIV2.pkg) will typically be in your Downloads folder.
    2. Double-click the .pkg file: This will launch the installer.
    3. Follow the on-screen instructions: The installer will guide you through the installation process. You’ll likely need to:
      • Agree to the license agreement.
      • Choose an installation location (the default is usually fine).
      • Enter your macOS administrator password to authorize the installation.
    4. Complete Installation: Click Install and wait for the process to complete

  • Step 3: Verify the Installation

    After the installation is complete, you need to verify that the AWS CLI is installed correctly and accessible from your terminal.

    1. Open a new terminal window: This is important to ensure that any environment changes made by the installer are loaded.

    2. Run the following command:

      bash
      aws --version

    3. Expected Output: You should see output similar to this (the version number may be different):

      aws-cli/2.13.10 Python/3.11.5 Darwin/22.6.0 exe/x86_64 prompt/off

      This output confirms that the AWS CLI version 2 is installed, along with the Python version it’s using, the operating system, and other details.

    4. If you get a “command not found” error: See the Troubleshooting section below.

  • Step 4: Configure the AWS CLI (Initial Setup)

    The AWS CLI needs to know your AWS credentials to interact with your AWS account. The most basic configuration involves providing your Access Key ID, Secret Access Key, default region, and default output format.

    • Access Key ID and Secret Access Key:

      These are like your username and password for AWS. You obtain these from the IAM console when you create an IAM user.

      1. Go to the IAM console: In the AWS Management Console, search for “IAM” and select it.
      2. Go to Users: In the IAM dashboard, click on “Users” in the left-hand navigation pane.
      3. Select your user: Click on the IAM user you created for using the AWS CLI.
      4. Go to Security credentials: Click on the “Security credentials” tab.
      5. Create access key: Click on the “Create access key” button.
      6. Download the .csv file or copy the credentials: AWS will display your Access Key ID and Secret Access Key. Important: The Secret Access Key is only displayed once. Download the .csv file containing the credentials or copy them to a safe place. If you lose them, you’ll need to create a new access key. Never commit these keys to a public repository.

    • Default Region:

      This is the AWS region you want to interact with by default (e.g., us-east-1, eu-west-2). You can find a list of AWS regions here: https://docs.aws.amazon.com/general/latest/gr/rande.html

    • Default Output Format:

      This determines how the AWS CLI displays output. The common options are:

      • json (default): Outputs data in JSON format.
      • text: Outputs data in a tab-separated text format.
      • table: Outputs data in a human-readable table format.

    • Using aws configure:

      This is the easiest way to configure the AWS CLI initially.

      1. Open your terminal.

      2. Run the following command:

        bash
        aws configure

      3. Enter your credentials: The CLI will prompt you for the following:

        • AWS Access Key ID: Enter your Access Key ID.
        • AWS Secret Access Key: Enter your Secret Access Key.
        • Default region name: Enter your default region (e.g., us-east-1).
        • Default output format: Enter your preferred output format (e.g., json).

  • Step 5: Test Your Configuration

    After configuring the AWS CLI, test it to ensure it can communicate with AWS. A simple test is to list your S3 buckets:

    bash
    aws s3 ls

    • If you have S3 buckets: The command will list the names of your S3 buckets.
    • If you don’t have any S3 buckets: The command will run without any output (no error).
    • If you get an error: See the Troubleshooting section below. The most common errors are related to incorrect credentials or insufficient permissions.

3. Alternative Installation Methods

While the installer package is recommended, here are alternative installation methods:

  • Using Homebrew (Recommended for Developers)

    Homebrew is a popular package manager for macOS. If you’re a developer and already use Homebrew, this is a convenient way to install and manage the AWS CLI.

    • Installing Homebrew (if you don’t have it):

      1. Open your terminal.

      2. Run the following command (from the Homebrew website):

        bash
        /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

      3. Follow the on-screen instructions. You may need to enter your password.

    • Installing the AWS CLI using Homebrew:

      bash
      brew install awscli

    • Verifying the Homebrew Installation:

      bash
      aws --version
      The expected result is to show the current version of the AWS CLI.

  • Using pip (Python Package Installer)

    pip is the package installer for Python. If you have Python installed and prefer using pip, you can use it to install the AWS CLI.

    • Prerequisites for pip Installation:

      • Python: You need Python 3.6 or later installed. macOS often comes with Python pre-installed, but it might be an older version. You can check your Python version with python3 --version. If you need to install or update Python, consider using Homebrew (brew install python) or downloading it from the official Python website (https://www.python.org/downloads/macos/).

    • Installing the AWS CLI using pip:

      bash
      pip3 install awscli --upgrade --user

      • pip3: Ensures you’re using the Python 3 version of pip.
      • --upgrade: Upgrades the AWS CLI if it’s already installed.
      • --user: Installs the AWS CLI in your user’s home directory, avoiding potential permission issues.

    • Potential PATH Issues and Solutions:

      The --user flag installs the AWS CLI in a location that might not be in your system’s PATH environment variable. This means your terminal might not be able to find the aws command.

      1. Find the installation location: After the installation, pip will usually print the installation location. It will look something like:

        /Users/yourusername/Library/Python/3.x/bin

      2. Add the location to your PATH: You need to add this directory to your PATH environment variable. The exact method depends on your shell (usually Bash or Zsh).

        • For Bash (older macOS versions):

          1. Open your ~/.bash_profile file in a text editor:

            bash
            open ~/.bash_profile

          2. Add the following line (replace /Users/yourusername/Library/Python/3.x/bin with the actual path):

            bash
            export PATH=$PATH:/Users/yourusername/Library/Python/3.x/bin

          3. Save the file and close the editor.

          4. Source your ~/.bash_profile to apply the changes:

            bash
            source ~/.bash_profile

        • For Zsh (newer macOS versions):

          1. Open your ~/.zshrc file in a text editor:

            bash
            open ~/.zshrc

          2. Add the following line (replace /Users/yourusername/Library/Python/3.x/bin with the actual path):

            bash
            export PATH=$PATH:/Users/yourusername/Library/Python/3.x/bin

          3. Save the file and close the editor.

          4. Source your ~/.zshrc to apply the changes:

            bash
            source ~/.zshrc

        • After modifying your shell profile, open a new terminal window to test.

    • Verifying the pip Installation:

      bash
      aws --version

  • Manual Download and Installation (Not Recommended)
    This method involves downloading the packaged installer and then performing a manual setup. It is not recommended unless you cannot use any other methods.

    • Downloading from AWS:
      Locate and download the zipped installer file from AWS.

    • Unzipping and Running Installer:

      bash
      unzip awscli-bundle.zip
      sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

    • PATH Considerations:
      Make sure /usr/local/bin is part of your PATH environment variable

  • Installing via AWS CloudShell (For Temporary Access)

    AWS CloudShell is a browser-based shell that comes pre-installed with the AWS CLI and other tools. It’s a great option for quick tasks or if you can’t install the AWS CLI locally.

    1. Open the AWS Management Console.
    2. Click the CloudShell icon: It’s usually in the top navigation bar (looks like a terminal window).
    3. CloudShell will launch in a new browser tab.
    4. You can use the aws command directly within CloudShell.

    Note: CloudShell has limitations, such as session timeouts and storage restrictions. It’s not ideal for long-running tasks or managing large files.

4. Understanding AWS CLI Configuration

The AWS CLI stores its configuration in two main files:

  • The ~/.aws/credentials File

    This file stores your AWS credentials (Access Key ID and Secret Access Key). It’s a plain text file with a simple format:

    “`
    [default]
    aws_access_key_id = YOUR_ACCESS_KEY_ID
    aws_secret_access_key = YOUR_SECRET_ACCESS_KEY

    [profile_name]
    aws_access_key_id = ANOTHER_ACCESS_KEY_ID
    aws_secret_access_key = ANOTHER_SECRET_ACCESS_KEY
    “`

    • [default]: This section contains the credentials used when you don’t specify a profile.
    • [profile_name]: You can define multiple profiles with different credentials.

  • The ~/.aws/config File

    This file stores other configuration settings, such as the default region, output format, and profile-specific configurations.

    “`
    [default]
    region = us-east-1
    output = json

    [profile profile_name]
    region = eu-west-2
    output = text
    source_profile = default
    role_arn = arn:aws:iam::123456789012:role/MyRole
    “`

    • region: The default AWS region.
    • output: The default output format.
    • source_profile: Used for assuming IAM roles (see below).
    • role_arn: The ARN (Amazon Resource Name) of the IAM role to assume (see below).

  • Profiles

    Profiles allow you to manage multiple sets of AWS credentials and configurations. This is useful if you work with multiple AWS accounts or different environments (e.g., development, testing, production).

    • Creating Named Profiles:

      You can create named profiles using the aws configure command with the --profile option:

      bash
      aws configure --profile myprofile

      This will prompt you for the credentials and settings for the myprofile profile.

    • Using Named Profiles:

      You can specify a profile to use with a particular command using the --profile option:

      bash
      aws s3 ls --profile myprofile

      Alternatively, you can set the AWS_PROFILE environment variable:

      bash
      export AWS_PROFILE=myprofile
      aws s3 ls # This will now use the "myprofile" profile

  • Environment Variables

    The AWS CLI also recognizes several environment variables for configuration. This is often used in scripting and automation.

    • Setting Environment Variables:

      You can set environment variables in your terminal:

      bash
      export AWS_ACCESS_KEY_ID=YOUR_ACCESS_KEY_ID
      export AWS_SECRET_ACCESS_KEY=YOUR_SECRET_ACCESS_KEY
      export AWS_DEFAULT_REGION=us-east-1

    • Precedence of Configuration Methods:

      The AWS CLI uses the following order of precedence when determining which configuration settings to use:

      1. Command-line options: Options specified directly on the command line (e.g., --region, --profile) override all other settings.
      2. Environment variables: Environment variables override settings in the configuration files.
      3. Configuration files: Settings in the ~/.aws/credentials and ~/.aws/config files are used if no command-line options or environment variables are set.
      4. IAM roles: If you’re using an IAM role (e.g., on an EC2 instance), the role’s credentials and settings override all other configurations.

  • IAM Roles

    IAM roles are the recommended way to grant permissions to applications and services running on AWS resources (e.g., EC2 instances). Using IAM roles avoids the need to store long-term credentials on the resource.

    • Using IAM Roles with the AWS CLI:

      If you’re running the AWS CLI on an EC2 instance that has an associated IAM role, the CLI will automatically use the role’s credentials. You don’t need to configure anything manually.

    • Configuring Source Profile and Role ARN:

      You can also use the AWS CLI to assume an IAM role from a different account or for different permissions. This is done by configuring a source_profile and a role_arn in your ~/.aws/config file.

      [profile myroleprofile]
      source_profile = default # This uses the credentials from the "default" profile
      role_arn = arn:aws:iam::123456789012:role/MyRole # The ARN of the role to assume
      You would use this like so:
      aws s3 ls --profile myroleprofile

    • Benefits of Using IAM Roles:

      • Improved Security: No long-term credentials are stored on the resource.
      • Automatic Credential Rotation: AWS automatically rotates the temporary credentials used by IAM roles.
      • Centralized Permission Management: You manage permissions through IAM roles, making it easier to control access.

  • SSO and temporary credentials

    If your organization uses SSO (Single Sign-On), you can configure the AWS CLI to use your SSO credentials. This allows you to obtain temporary AWS credentials without needing to manage long-term access keys. The process typically involves using aws configure sso and following the prompts to authenticate with your identity provider. This configuration creates a profile in your ~/.aws/config that uses the sso_start_url, sso_account_id, sso_role_name, and other required settings.

5. Basic AWS CLI Usage

  • General Command Structure

    Most AWS CLI commands follow a general structure:

    bash
    aws <service> <command> [options and parameters]

    • aws: The main command.
    • <service>: The AWS service you want to interact with (e.g., s3, ec2, iam).
    • <command>: The specific action you want to perform (e.g., ls, create-bucket, run-instances).
    • [options and parameters]: Optional flags and values that modify the command’s behavior.

  • Getting Help (--help)

    The --help option is your best friend when using the AWS CLI. It provides detailed information about any service, command, or option.

    • Get help for a service:

      bash
      aws s3 help

    • Get help for a command:

      bash
      aws s3 ls --help

    • Get help for an option:
      Add --help after the option in the command line.

  • Working with Amazon S3

    Amazon S3 (Simple Storage Service) is a scalable object storage service.

    • Listing Buckets:

      bash
      aws s3 ls

    • Uploading Files:

      bash
      aws s3 cp mylocalfile.txt s3://mybucketname/myfile.txt
      or for directories
      bash
      aws s3 cp mydirectory s3://mybucketname/mydirectory --recursive

    • Downloading Files:

      bash
      aws s3 cp s3://mybucketname/myfile.txt mylocalfile.txt

    • Creating Buckets:

      bash
      aws s3 mb s3://mybucketname
      Note: Bucket names must be globally unique.

  • Working with Amazon EC2

    Amazon EC2 (Elastic Compute Cloud) provides virtual servers in the cloud.

    • Listing Instances:

      bash
      aws ec2 describe-instances

    • Starting and Stopping Instances:

      bash
      aws ec2 start-instances --instance-ids i-0123456789abcdef0 # Replace with your instance ID
      aws ec2 stop-instances --instance-ids i-0123456789abcdef0

    • Describing Instances:

      bash
      aws ec2 describe-instances --instance-ids i-0123456789abcdef0

  • Working with IAM
    IAM (Identity and Access Management) controls access to AWS resources

    • Listing Users
      bash
      aws iam list-users
    • Creating Users:
      bash
      aws iam create-user --user-name my-new-user

6. Advanced Configuration Options

  • Auto-Completion

    The AWS CLI supports auto-completion, which can significantly speed up your workflow. It allows you to press the Tab key to complete commands, options, and resource names.

    1. Find the completion script:

      bash
      aws --cli-autocomplete-complete
      This shows you where the completion script is located.

    2. Add the completion script to your shell configuration:

      • For Bash:

        bash
        complete -C '/usr/local/aws/bin/aws_completer' aws
        Add this to your ~/.bash_profile (or ~/.bashrc).

      • For Zsh:

        bash
        autoload -Uz compinit
        compinit
        complete -C '/usr/local/aws/bin/aws_completer' aws
        Add these to your ~/.zshrc.

      • You may need to adjust the path (/usr/local/aws/bin/aws_completer) based on your installation. Use the output from the aws --cli-autocomplete-complete command.

    3. Source your shell configuration file (e.g., source ~/.zshrc) or open a new terminal window.

  • Customizing Output

    • --query (JMESPath)

      The --query option allows you to filter and transform the JSON output using JMESPath, a query language for JSON. This is extremely powerful for extracting specific data from complex responses.

      bash
      aws ec2 describe-instances --query 'Reservations[*].Instances[*].InstanceId' --output text

      This command lists only the instance IDs of all your EC2 instances.

    • --output text

      Outputs data in a tab-separated text format, suitable for parsing with other tools.

      bash
      aws s3 ls --output text

    • --output table

      Outputs data in a human-readable table format.

      bash
      aws ec2 describe-instances --output table
      * Endpoint Configuration

    By default, the AWS CLI communicates with the public AWS endpoints. You can configure the CLI to use different endpoints, such as:

    • AWS GovCloud (US): For US government agencies and contractors.
    • AWS China Regions: For regions within China.
    • Custom Endpoints: For private AWS deployments or testing.
    • VPC Endpoints: Access AWS services privately using a VPC endpoint.

    You can configure endpoints using the --endpoint-url option or by setting the AWS_ENDPOINT_URL environment variable. You can also specify per-service endpoint URLs.

  • Proxy Settings

    If you’re behind a corporate proxy, you need to configure the AWS CLI to use the proxy server. You can set the following environment variables:

    bash
    export HTTP_PROXY=http://your.proxy.server:port
    export HTTPS_PROXY=http://your.proxy.server:port
    export NO_PROXY=localhost,127.0.0.1 # (Optional) Exclude certain addresses from using the proxy

  • AWS CLI Paginator

    • Controlling Pagination:
      For commands that return a large number of results, the AWS CLI uses pagination to retrieve the data in chunks. You can control pagination using options like --max-items (to limit the number of items returned) and --starting-token (to start from a specific point in the results). The output will indicate if there is more data and how to retrieve it.

7. Troubleshooting

  • “Command Not Found” Error

    This means your terminal can’t find the aws command.

    • Verify Installation: Run aws --version. If this still gives an error, the installation might have failed. Try reinstalling.
    • Check your PATH: Ensure the directory containing the aws executable is in your PATH environment variable. See the “Potential PATH Issues and Solutions” section under the pip installation method.
    • Open a new terminal window: After modifying your PATH, you need to open a new terminal window for the changes to take effect.
    • Shell configuration: Double-check your ~/.bash_profile, ~/.bashrc, or ~/.zshrc to make sure the PATH modifications are correct and saved.

  • “Unable to Locate Credentials” Error

    This means the AWS CLI can’t find your AWS credentials.

    • Verify Configuration: Run aws configure list to check your current configuration. Make sure your Access Key ID and Secret Access Key are correct.
    • Check Environment Variables: If you’re using environment variables, make sure they are set correctly (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY).
    • Check Credentials File: Inspect your ~/.aws/credentials file to ensure it contains the correct credentials and is formatted properly.
    • IAM Role (if applicable): If you’re on an EC2 instance with an IAM role, make sure the role is attached to the instance and has the necessary permissions.

  • “An error occurred (AccessDenied)” Error

    This means your IAM user or role doesn’t have the necessary permissions to perform the requested action.

    • Check IAM Permissions: Go to the IAM console and review the permissions attached to your IAM user or role. Make sure you have the required permissions for the service and action you’re trying to use.
    • Policy Simulator: Use the IAM Policy Simulator to test whether your user or role has the necessary permissions.

  • “An error occurred (InvalidClientTokenId)” Error

    This usually indicates that your Access Key ID is incorrect or has been revoked.

    • Verify Access Key ID: Double-check your Access Key ID in your ~/.aws/credentials file or environment variables.
    • Create a New Access Key: If you suspect your access key has been compromised, create a new access key in the IAM console and update your configuration.

  • “An error occurred (ExpiredToken)” Error

    This means your temporary credentials (e.g., from an IAM role or SSO) have expired.

    • Refresh Credentials: If you’re using an IAM role, the credentials should refresh automatically. If you’re using SSO, you may need to re-authenticate.
    • Session Duration: The default duration of temporary credentials is often 1 hour but can be configured. If your tasks take longer, consider extending the session duration or re-authenticating periodically.

  • Connectivity Issues

    If you’re having trouble connecting to AWS services, check the following:

    • Internet Connection: Ensure you have a working internet connection.
    • Firewall: Make sure your firewall isn’t blocking outbound connections to AWS.
    • Proxy Settings: If you’re behind a proxy, configure the AWS CLI to use the proxy (see the “Proxy Settings” section above).
    • AWS Service Status: Check the AWS Service Health Dashboard (https://status.aws.amazon.com/) to see if there are any ongoing issues with AWS services.

  • Version Conflicts

    If you have multiple versions of the AWS CLI installed (e.g., through different methods), you might encounter conflicts.

    • Use which aws: This command will show you the path to the aws executable that’s being used.
    • Prioritize one installation method: Choose one installation method (installer, Homebrew, or pip) and stick with it. Remove any other installations.

  • Permission Issues

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top