Skip to main content

AWS CLI Reference

Configure CLI SSO​

What you'll need​

  1. Install AWS CLI
  2. Our access portal url: https://d-9067ff8475.awsapps.com/start

Setup​

  1. Run aws configure sso
  2. Enter the following properties:
    • Session name: leave default (or rename if you want different properties from what you previously defined)
    • SSO start URL: access portal URL from above
    • SSO region: us-east-1
    • SSO registration scopes: leave default
  3. After the browser authentication select:
    • AWS account
    • Role
    • Profile name (tip: choose an easy name as you may need to type it in CLI commands)
  4. Get a list of all configured profiles by running aws configure list-profiles
  5. Test the configured profile by running aws s3 ls --profile {profile name}

Additional info​

Add user to group​

Since we use SSO to manage users in AWS we cannot manage group membership from the AWS console, only from CLI

aws identitystore create-group-membership \
--identity-store-id d-9067ff8475 \
--group-id {group id} \
--member-id UserId={user id}

Open shell in an ECS task​

This command allows opening a shell in a running ecs task instance. More info in the doc.

aws ecs execute-command --cluster backend `
    --task {task ARN} `
    --interactive `
    --command "/bin/sh" `
    --profile {sso profile name} `
    --region {cluster region}