Setting up AWS Tools for access

Once you have installed AWS Tools for PowerShell, the next thing you need is the AWS access key. Without the access key, you cannot run the AWSPowerShell.NetCore cmdlet. All of them will result in an error. So first, let's get the access key. As we discussed earlier, it is not a best practice to create an access key for a root user. Root user accounts must be locked down and should not be used in any API action. For access keys, you need to create a user. So, open the IAM console by navigating to All Services | Security, Identity & Compliance | IAM.

From the navigation menu, click on Users. Click on Add User. Fill in the username of your choice. You may have some specific naming convention to name the user though. Tick the checkbox as Programmatic Access. On the next screen, select Attach existing policies directly and the first one on the top, AdministratorAccess. Click on Review and then Create user. As soon as you hit Create user, you will see that the Access Key and Secret Access Key are displayed on the screen. Copy the credentials and secure them. There will be an option as well to download the Download.csv file; this file will contain the same information displayed on the screen.

You are all set. If you followed the preceding instructions, you added an IAM user, and assigned the administrator policy, you will be allowed to do almost all the things that you can do with a root account, except billing-related aspects. You can now use this access and a secret access key to set up AWS Tools to access AWS from PowerShell. There are several ways to specify credentials. The preferred approach is to use a profile rather than incorporating literal credentials into your command line:

PS C:\> Set-AWSCredentials -AccessKey {xx} -SecretKey {xx} -StoreAs {MyProfileName}

GET-AWSCredentials tells you that PowerShellProfile is created. You can use the Initialize-AWSDefaults cmdlet to specify the default profile for every PowerShell session:

PS C:\> Initialize-AWSDefaults -ProfileName {MyProfileName} -Region {us-west-2}

You can see that I created a profile called PowerShellProfile, and I will make that profile as the default one for us.

After running the Initialize-AWSDefaults cmdlet, you can now see that there is a default profile added. For the list of regions supported by AWSPowerShell.NetCore, you can use the Get-AWSRegion cmdlet:

PS C:\> Get-AWSRegion

You can see that in the output, us-west-2 is set as the default region. You can now validate the access to your AWS account by simply running the Get-S3Bucket cmdlet:

PS C:\>Get-S3Bucket

If you have any S3 bucket created, this will list all the available buckets in your S3. That's it, your PowerShell AWS Tools module for AWSPowerShell.NetCore is all set to rock, and you will be able to perform almost all the things that you can do on the AWS console.