aws-configure
Configure AWS CLI credentials and settings
TLDR
Configure AWS CLI interactively (creates a new configuration or updates the default)
Configure a named profile for AWS CLI interactively (creates a new profile or updates an existing one)
Display the value from a specific configuration variable
Display the value for a configuration variable in a specific profile
Set the value of a specific configuration variable
Set the value of a configuration variable in a specific profile
List the configuration entries
List the configuration entries for a specific profile
SYNOPSIS
aws configure [list | list-profiles | set NAME VALUE | get NAME | unset NAME] [--profile PROFILE]
PARAMETERS
list
Displays AWS CLI configuration values including credential source, region, and output format.
list-profiles
Outputs names of all configured profiles from AWS CLI files.
set NAME VALUE
Sets a named configuration value (e.g., region us-east-1).
get NAME
Retrieves the value of a specific configuration parameter.
unset NAME
Deletes a configuration value from files.
--profile PROFILE
Specifies profile name for operations (default: 'default').
DESCRIPTION
The aws configure command is a key utility in the AWS Command Line Interface (CLI) for setting up and managing AWS authentication credentials, default regions, output formats, and profiles. Running it without arguments launches an interactive wizard prompting for AWS Access Key ID, AWS Secret Access Key, default region (e.g., us-east-1), and output format (e.g., json). These values populate the ~/.aws/credentials (INI format for keys) and ~/.aws/config files.
Subcommands enable scripted or non-interactive use: list displays current settings, list-profiles enumerates profiles, set updates variables like region=us-west-2, get retrieves values, and unset removes them. The --profile option targets named profiles for multi-account workflows.
Critical for developers automating cloud tasks, it supports credential sourcing hierarchy (assume-role, env vars, SSO, config files, IAM). Always prioritize secure credential management.
CAVEATS
Credentials stored in plaintext in ~/.aws files; vulnerable if system compromised.
Use IAM roles, env vars (AWS_ACCESS_KEY_ID), or AWS SSO instead.
Interactive mode only configures default profile.
INTERACTIVE MODE
No arguments: prompts sequentially for access key, secret key, region, output. Overwrites default profile.
CONFIG FILES
~/.aws/credentials: [profile] aws_access_key_id=..., aws_secret_access_key=...;
~/.aws/config: [profile] region=..., output=json.
COMMON VARIABLES
aws_access_key_id, aws_secret_access_key, region, output, cli_pager, cli_timestamp_format, s3=... (signature_version).
HISTORY
Introduced in AWS CLI v1 (2013) for easy credential setup. AWS CLI v2 (2020) added SSO integration but preserved aws configure syntax for compatibility.
