AWS CLI v2

AWS CLI (Command Line Interface) v2 is a powerful tool that allows to manage AWS services from the command line.

Below are the steps to install AWS CLI v2 on WSM (Windows-based) and perform basic troubleshooting to validate credentials and permissions. Use the official AWS website for information.

Step 1: Install AWS CLI v2

  1. From PowerShell, as an elevated user (Administrator), run the .msi installer with command:

msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi
  1. Follow the on-screen instructions to complete the installation.

  2. Confirm the installation by opening a command prompt and running:

aws --version

The output should display the installed version of AWS CLI.

Step 2: Check AWS CLI configuration

  • Run the configuration command to to display the current credentials, ensuring they are set to a type of "iam-role":

    aws configure list
  • This command will show:

    • Configured credentials

    • Profile

    • Default Region Name (e.g., eu-central-1)

Run the configuration command to to display the current credentials, ensuring they are set to a type of "iam-role":

  • To see the active credentials and their source:

aws sts get-caller-identity

This command returns the AWS account ID, user/role ARN, and the user/role making the call.

Step 3: Test Access to AWS Endpoints

Run a simple command to verify connectivity to the relevant AWS services:

  • WorkSpaces:

    aws workspaces describe-workspaces
  • Directories:

    aws ds describe-directories
  • S3 (if applicable):

    aws s3 ls

If the commands return valid results, your configuration and permissions are correct.

Step 4: Debugging Permission Issues

  • If a command fails with a 403 Access Denied or You are not authorized to perform this operation error, verify:

    • The IAM Policy and Instance Role attached to the EC2 Instance includes the necessary permissions.

    • The resource (e.g., WorkSpaces or Directories) exists in the configured region.

  • Use the --debug flag to get more details about the API call:

    aws workspaces describe-workspaces --debug

Look for errors such as missing permissions or endpoint issues.

Step 5: Verify Network Connectivity

  • Ensure your WSM instance can access AWS endpoints.

  • Test connectivity to the AWS WorkSpaces Service Endpoints via browser:

    https://workspaces.<region>.amazonaws.com

Example:

  • If there is a response, even in form of error, we can assume that there is connectivity.

  • If connectivity fails, check the network settings, such as VPC, security groups, firewall and proxy configuration.

Last updated