Profiles

Right, let’s get your tools sharpened. Setting up the AWS CLI is like getting a master key to the entire AWS kingdom. It’s the no-nonsense, text-based way to tell AWS what to do, and it doesn’t care if you’re in a GUI mood or not. We’re going to set it up properly so it doesn’t come back to bite you later. First, the installation. You’re not downloading some sketchy .exe from a random website. You’ll use pip, Python’s package manager. Yes, it’s written in Python. No, you don’t need to know Python. The irony is not lost on me.

Alright, let’s get your Python environment ready to boss AWS around. We’re going to talk about boto3, which is the official AWS SDK for Python. It’s the tool you’ll use to make AWS do your bidding programmatically. Forget the web console; you’re a programmer now. The goal is to write code that creates, destroys, and manages infrastructure. It’s like playing god, but with more error handling. First things first, get it installed. It’s not in the standard library, so pip is your friend.

Right, let’s talk about aws configure sso. This is the command that saves you from the dark ages of managing IAM user access keys, which are basically a permanent security liability you have to stash somewhere safe. With AWS SSO, you log in once through a pretty portal, get temporary, scoped-down credentials, and the CLI handles the rest. It’s a vastly more secure and manageable way to do things. The first time you run it, it feels a bit like magic. The second time, you’ll wonder why all cloud auth isn’t this (relatively) sane.

Right, let’s talk about the part of this process that everyone loves to hate: environment variables. We’re going to set them up so you don’t have to type your credentials every single time you want to list an S3 bucket, which is, I assure you, a fate worse than death. Think of environment variables as the sticky notes you leave for your computer. “Hey computer, here’s my secret key. Don’t show it to anyone, and use it when I ask you to do AWS stuff.” It’s a simple, effective, and tragically easy-to-mess-up system.

Right, let’s talk about the single most important tool for not accidentally deploying your resume to your production environment: named profiles. You’ve probably already used the default profile. You ran aws configure, shoved in your keys, and off you went. That’s fine for a single account, like your personal sandbox. But the moment you have more than one AWS account (and you will, because this is AWS and they give them out like candy), using the default profile is a one-way ticket to “oh god why is my production database in us-east-1 now?”

Right, let’s get you set up so you can actually do things with AWS instead of just staring at the login page. This is where we move from being a tourist to a resident. The CLI and SDKs are your primary tools, and they all have one thing in common: they need to know who you are. They do this using credentials. Let’s demystify how you give them those credentials without accidentally uploading your secret access key to a public GitHub repo (a classic rookie move, we’ve all had that heart-stopping moment).

Alright, let’s get you set up with the modern toolbelt. The AWS CLI v2 is a massive improvement over its predecessor—faster, handles IAM roles better, and doesn’t require a separate Python installation. We’re going to do this the right way, which means avoiding the OS package managers (apt, yum, brew) like the plague for this particular install. Their packages are often horrifically out of date, and wrestling with a three-year-old CLI version is a special kind of hell I won’t subject you to. We’re going straight to the source.