AWS CLI Cheat Sheet

A handy list of aws cli commands


# Cli command structure
aws <service> <action> --region <region> --profile <profileName>
# Configure aws cli
aws configure
aws configure --profile <nameOfProfile>
# Whoami
aws sts get-caller-identity

IAM Commands


# list iam users
aws iam list-users
# list iam roles
aws iam list-roles
# list iam groups
aws iam list-groups
# list all iam access keys for a user
aws iam list-access-keys --user-name <iamUserName> --profile <awsProfile>
# create iam access keys
aws iam create-access-key --user-name <iamUserName> --profile <awsProfile>
# assume an iam role
aws sts assume-role --role-arn <arnIamRole> --role-session-name <whatever> --profile <awsProfile>


# list iam policies attached to user
aws iam list-attached-user-policies --user-name <user>
# list iam trust policy attached to role
aws iam get-role --role-name <roleName> --query 'Role.AssumeRolePolicyDocument'
# view available versions of a policy
aws iam list-policy-versions --policy-arn <policyArn>
# view the policy for a particular version
aws iam get-policy-version --policy-arn <policyArn> --version-id <versionId>
# attach a specific version of a policy
aws iam set-default-policy-version --policy-arn <policyArn> --version-id <versionId>