search

AWS CLI v2

AWS CLI (Command Line Interface) v2 is a powerful tool that allows to manage AWS services from the command line.

circle-check

Given that WorkSpaces Manager (WSM) runs on Windows, we are not adding specifics for Linux or MacOSX.

Below are the steps to install AWS CLI v2 on WSM (Windows-based) and perform basic troubleshooting to validate credentials and permissions. Use the official AWS websitearrow-up-right for information.

hashtag
Step 1: Install AWS CLI v2

  1. From PowerShell, as an elevated user (Administrator), run the .msi installer with command:

msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi

  1. Follow the on-screen instructions to complete the installation.

  2. Confirm the installation by opening a command prompt and running:

aws --version

The output should display the installed version of AWS CLI.

circle-exclamation

If you don't have Access keys, you'll need to create them for some of these commands. To do this, navigate to your IAM user on the AWS console, go to the Security Credentials section, scroll down, and create a new set of access keys. Be sure to download and save the file securely, as the secret key will only be visible at the time of creation and cannot be retrieved later from the console.

hashtag
Step 2: Check AWS CLI configuration

  • Run the configuration command to to display the current credentials, ensuring they are set to a type of "iam-role":

  • This command will show:

    • Configured credentials

    • Profile

    • Default Region Name (e.g., eu-central-1)

Run the configuration command to to display the current credentials, ensuring they are set to a type of "iam-role":

  • To see the active credentials and their source:

This command returns the AWS account ID, user/role ARN, and the user/role making the call.

hashtag
Step 3: Test Access to AWS Endpoints

Run a simple command to verify connectivity to the relevant AWS services:

  • WorkSpaces:

  • Directories:

  • S3 (if applicable):

If the commands return valid results, your configuration and permissions are correct.

hashtag
Step 4: Debugging Permission Issues

  • If a command fails with a 403 Access Denied or You are not authorized to perform this operation error, verify:

    • The IAM Policy and Instance Role attached to the EC2 Instance includes the necessary permissions.

    • The resource (e.g., WorkSpaces or Directories) exists in the configured region.

  • Use the --debug flag to get more details about the API call:

Look for errors such as missing permissions or endpoint issues.

hashtag
Step 5: Verify Network Connectivity

  • Ensure your WSM instance can access AWS endpoints.

  • Test connectivity to the AWS WorkSpaces Service Endpoints via browser:

Example:

https://workspaces.eu-central-1.amazonaws.com/workspaces.eu-central-1.amazonaws.comchevron-right

  • If there is a response, even in form of error, we can assume that there is connectivity.

  • If connectivity fails, check the network settings, such as VPC, security groups, firewall and proxy configuration.

PreviousIAM Policies in JSON formatNextLDAP (Active Directory) Troubleshooting for WSM

Last updated