How to Configure and Setup AWS CLI and Key Pairs

Automating AWS infrastructure requires proper setup of the AWS Command Line Interface (CLI), secure key management, and an understanding of core components like AMIs. This guide walks through configuring the AWS CLI and generating and managing EC2 key pairs.

Contents

Installing the AWS CLI

The AWS CLI is the primary tool for interacting with AWS services programmatically. Below are installation instructions for different operating systems.

Linux/macOS installation

  1. Install unzip(if not installled) and download the latest AWS CLI version:
sudo apt install unzip
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
  1. Extract the packages:
unzip awscliv2.zip
  1. Run the installer with sudo:
sudo ./aws/install
  1. Verify the installation:
aws --version

Your expected output should look like this:

aws-cli/2.27.4 Python/3.13.2 Linux/6.11.0-9-generic exe/x86_64.ubuntu.24

Windows installation

  1. Download the AWS CLI MSI installer.
  2. Run the installer and follow the prompts.
  3. Open PowerShell and verify installation:
aws --version

Alternatively, you can use a preconfigured CloudRay automation script to install and configure the AWS CLI across multiple environments for consistency.

Configuring AWS CLI

Before using the AWS CLI, you need to configure authentication credentials.

  1. Login to the AWS IAM Console
  2. Navigate to Users → Select your IAM user → Security credentials.
Screenshot of Access key location on AWS console

  1. Under Access keys, click Create access key.

  2. Choose CLI (Command Line Interface) as the use case and click Next.

Screenshot of use case selection
  1. You can give your access key tag (optional) and click “create access key”
Screenshot to create the access key
  1. You can copy the access and secret access key on the AWS console
Screenshot to copy and get access key

Additionally, you can download the .csv file or copy the keys manually

  1. Run the configuration wizard:
aws configure

You will be prompted for:

  • AWS Access Key ID - A unique identifier for your IAM user
  • AWS Secret Access Key - A secret password tied to your access key
  • Default region name - The AWS region where resources will be created (e.g., us-east-1)
  • Default output format - How responses are displayed (json, text, or table)
Screenshot to the terminal representation of AWS configuration
  1. Verify that the CLI can authentication with AWS:
aws sts get-caller-identity
Screenshot to the terminal representation of AWS configuration

A successful response includes your AWS account ID and IAM user ARN.

Managing EC2 Key pairs

SSH key pairs are essential for secure access to your EC2 instances. This section covers creating, managing, and using key pairs with AWS CLI. Here is how to create a new key pair using AWS CLI:

  1. First, generate a key pair using AWS CLI:
aws ec2 create-key-pair \
    --key-name "my-production-key" \
    --key-type ed25519 \
    --query 'KeyMaterial' \
    --output text > my-production-key.pem
  1. Set proper file permissions:
chmod 400 my-production-key.pem

Here are what all the key parameters represents:

  • --key-name: Unique identifier for your key
  • --key-type: Choose between rsa (default) or more secure ed25519
  • KeyMaterial: The private key content (saved to .pem file)

Additionally, here is how to list all available key pairs in your region:

aws ec2 describe-key-pairs \
    --query 'KeyPairs[*].KeyName' \
    --output table
Screenshot to the terminal representation of AWS configuration

This shows the keys present in your AWS user account

Finally, here is how to delete a key pair:

  1. First, verify no instances are using the key:
aws ec2 describe-instances \
    --filters "Name=key-name,Values=my-production-key" \
    --query "Reservations[].Instances[].InstanceId"
  1. Delete the key pair:
aws ec2 delete-key-pair --key-name "my-production-key"

NOTE

You can locate Amazon Machine Images (AMIs) in the EC2 Console under AMIs in the left navigation. Use the search filters to find official AWS-provided images or community AMIs. For production environments, always verify AMI sources and use the most recent stable versions.

While manual AWS CLI configuration works for individual setups, managing infrastructure at scale requires automation. CloudRay provides centralised management for Bash scripts, enabling teams to securely automate and schedule AWS operations like instance provisioning, key rotation, and infrastructure monitoring.

For a practical implementation of these concepts, see our guide on Automating AWS Infrastructure with Bash and CLI which covers EC2 lifecycle management, automated backups, and monitoring solutions.