Yes. AWS CLI is free and open-source under the Apache 2.0 license. You pay only for the AWS resources you create or manage through the CLI, not for the CLI tool itself. It works with AWS Free Tier accounts.

What is the difference between AWS CLI v1 and v2?

AWS CLI v2 is the current, actively developed version. It includes auto-complete, SSO support, interactive wizards, and bundled installers that do not require Python. V1 enters maintenance mode on July 15, 2026. New projects should use v2 exclusively.

How do you manage multiple AWS accounts with the CLI?

Use named profiles. Run aws configure --profile staging to set up credentials for a staging account. Then use aws s3 ls --profile staging to run commands against it. For AWS SSO, run aws configure sso to set up profiles that authenticate through your identity provider.

Does AWS CLI work with MCP servers?

AWS provides official MCP servers through the awslabs/mcp repository on GitHub. These MCP servers let AI coding agents interact with AWS services using the Model Context Protocol. The MCP servers are separate from the CLI but complement it for agent-driven workflows.

Can AWS CLI be used in CI/CD pipelines?

Yes. AWS CLI is widely used in CI/CD. Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as environment variables, or use IAM roles (OIDC federation with GitHub Actions, instance profiles on EC2). Most CI platforms include AWS CLI pre-installed or provide a setup action.

AWS CLI

16.8k stars

official open-source Has MCP macOS Linux Windows Actively maintained

Amazon's official command-line tool for managing AWS services. Control EC2, S3, Lambda, IAM, and 200+ services from the terminal.

AWS CLI has both a CLI and an MCP server. See when to use each

When to use

AWS CLI is the foundation of every serious AWS workflow. If you manage any AWS infrastructure, this is the first tool you install. It gives you direct access to every AWS service API from your terminal, which means you can do anything the AWS Console can do, and automate it.The immediate win is speed. Checking which EC2 instances are running, tailing CloudWatch logs, uploading files to S3, rotating IAM credentials — all of these are faster from the terminal than clicking through the Console. The --query flag uses JMESPath expressions to filter API responses, so you get exactly the data you need without parsing JSON manually.For infrastructure automation, AWS CLI is the backbone of shell scripts, CI/CD pipelines, and deployment workflows. Your deploy script can call aws ecs update-service to roll out a new container image, aws cloudformation deploy to provision infrastructure, or aws s3 sync to push static assets to a CDN. These commands are deterministic and scriptable, unlike manual Console clicks.Named profiles let you manage multiple AWS accounts cleanly. You switch between dev, staging, and production with --profile instead of juggling browser sessions or re-entering credentials. SSO integration means you authenticate once and the CLI handles token refresh.The output formatting options — JSON, table, text, and YAML — make AWS CLI useful for both human reading and machine parsing. Pipe JSON output to jq for complex transformations, or use --output table for quick visual checks. Every command supports --dry-run where applicable, so you can validate before executing destructive operations.If you work with AWS at all, install it. The aws configure setup takes 60 seconds, and you will use it every day.

When to skip

Skip AWS CLI if you do not use Amazon Web Services. This tool is AWS-only by design. If your infrastructure runs on Google Cloud, use gcloud. If you are on Azure, use az. AWS CLI has zero utility outside the AWS ecosystem.If you prefer infrastructure-as-code over imperative commands, you may find that tools like Terraform, Pulumi, or AWS CloudFormation handle your daily work better. AWS CLI is imperative — you tell it what to do right now. IaC tools are declarative — you describe the desired state and they reconcile. For repeatable infrastructure provisioning, IaC is the better pattern. That said, most IaC users still keep AWS CLI installed for debugging, ad-hoc queries, and operations that do not fit neatly into a declarative model.For developers who only interact with one or two AWS services, a service-specific tool might be simpler. The AWS SAM CLI is purpose-built for serverless development. The AWS CDK CLI handles CloudFormation deployments with higher-level abstractions. The Elastic Beanstalk CLI (eb) streamlines web app deployments. These specialized tools offer guided workflows that the general-purpose AWS CLI does not.If you are in a team that standardizes on the AWS Console and nobody else uses the CLI, introducing it creates a knowledge gap. The Console provides visual guardrails — you can see what you are about to delete, review resource configurations graphically, and use the built-in policy simulator. The CLI requires you to know what you are doing, because a wrong command with the right permissions will execute without confirmation.New AWS users may find the sheer number of commands overwhelming. AWS CLI covers 200+ services with thousands of subcommands. Start with the Console to understand the services, then graduate to the CLI once you know what you are automating.

Key Commands

aws configure Set up credentials, default region, and output format interactively

aws s3 ls List S3 buckets or objects in a bucket

aws s3 cp Copy files between local filesystem and S3

aws ec2 describe-instances List EC2 instances with details like state, type, and IP

aws lambda invoke Invoke a Lambda function and capture the response

aws iam list-users List IAM users in your AWS account

aws sts get-caller-identity Verify which AWS identity your CLI session is using

GitHub Stats

repo aws/aws-cli

stars 16.8k

language Python

license Apache-2.0

last commit Mar 13, 2026

Links

Official documentation docs.aws.amazon.com/cli/latest/userguide/ Command reference awscli.amazonaws.com/v2/documentation/api/latest/reference/index.html GitHub repository github.com/aws/aws-cli AWS MCP servers github.com/awslabs/mcp

Alternatives

tool	description
AWS CLI	current tool
AWS CloudShell	Browser-based shell with AWS CLI pre-installed. No local setup required, runs inside the AWS Console.
aws-shell	Interactive shell for AWS CLI with inline documentation, autocomplete, and fuzzy search. Built by AWS.
awsume	Tool for managing and switching between AWS profiles and roles. Simplifies multi-account credential management.
Steampipe	Query AWS resources using SQL. Treats cloud APIs as database tables for compliance, inventory, and reporting.

FAQ

Is AWS CLI free?: Yes. AWS CLI is free and open-source under the Apache 2.0 license. You pay only for the AWS resources you create or manage through the CLI, not for the CLI tool itself. It works with AWS Free Tier accounts.
What is the difference between AWS CLI v1 and v2?: AWS CLI v2 is the current, actively developed version. It includes auto-complete, SSO support, interactive wizards, and bundled installers that do not require Python. V1 enters maintenance mode on July 15, 2026. New projects should use v2 exclusively.
How do you manage multiple AWS accounts with the CLI?: Use named profiles. Run aws configure --profile staging to set up credentials for a staging account. Then use aws s3 ls --profile staging to run commands against it. For AWS SSO, run aws configure sso to set up profiles that authenticate through your identity provider.
Does AWS CLI work with MCP servers?: AWS provides official MCP servers through the awslabs/mcp repository on GitHub. These MCP servers let AI coding agents interact with AWS services using the Model Context Protocol. The MCP servers are separate from the CLI but complement it for agent-driven workflows.
Can AWS CLI be used in CI/CD pipelines?: Yes. AWS CLI is widely used in CI/CD. Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as environment variables, or use IAM roles (OIDC federation with GitHub Actions, instance profiles on EC2). Most CI platforms include AWS CLI pre-installed or provide a setup action.