AWS CLI インストール

■AWS CLIv2をインストール

$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
$ unzip awscliv2.zip
$ sudo ./aws/install

$ aws configure

AWS Access Key ID [****************RDHF]: 

AWS Secret Access Key [****************UN7j]: 

Default region name [ap-northeast-1]: 

Default output format [json]: 

$ vi  .aws/config

$ vi .aws/credentials

■Session Manager プラグインをインストール

$ sudo dnf install -y https://s3.amazonaws.com/session-manager-downloads/plugin/latest/linux_64bit/session-manager-plugin.rpm

$ aws configure sso 

SSO session name (Recommended): AWS develop environment

SSO start URL [None]: https://d-xxxxxxxxxxxx.awsapps.com/start/#

SSO region [None]: ap-northeast-1

SSO registration scopes [sso:account:access]:

Attempting to automatically open the SSO authorization page in your default browser.

If the browser does not open or you wish to use a different device to authorize this request, open the following URL:

https://device.sso.ap-northeast-1.amazonaws.com/

Then enter the code:

XCWJ-BVZG

The only AWS account available to you is: 65xxxxxxx086

Using the account ID 65xxxxxxx086

The only role available to you is: PowerUserAccess

Using the role name "PowerUserAccess"

CLI default client Region [ap-northeast-1]: ap-northeast-1

CLI default output format [None]: json

CLI profile name [PowerUserAccess-xxxxxxxxxxxxxx]:

To use this profile, specify the profile name using --profile, as shown:

aws s3 ls --profile PowerUserAccess-65xxxxxxx086

$ vi ~/.aws/config

$ aws sts get-caller-identity --profile PowerUserAccess-xxxxxxxxxxxxxx]

 $ aws ssm start-session --target i-0cbbe303b171e7396 --document-name AWS-StartPortForwardingSession --parameters "portNumber=22, localPortNumber=10022" --profile PowerUserAccess-xxxxxxxxxxxx

$ aws sso logout

$ aws sso login --profile PowerUserAccess-xxxxxxxxxxxx