Using multiple AWS accounts under an Organization umbrella can be useful even at a personal level, for learning AWS features and self-training, it helps keep various projects partitioned. However, working with multiple accounts at a time can get complex, and on more than one occasion I’ve lost track of which account I’m actually working with.
If you’re working with api keypairs and don’t know which account the keypair is for, the following aws cli command is useful:
aws sts get-caller-identity
It shows you the following info:
"UserId" : ... key id ...,
"Account" : ... account id ...,
"Arn" : ... the IAM ARN for the current userid
The AWS instructions to install the AWS CLI using Python and pip work on MacOS 10.13 (High Sierra) up to the point of adding the Python install location to your path – I found that on 10.13, following the steps didn’t result in the aws command being found.
At the step to addto your path:
- running ‘which python’ showed:
$ which python
but, ls -la did not show that this was a symbolic link in my install per the docs, so this location is also not the same location where the pip installed aws command is.
This post has an answer that suggests the issue is because AWS CLI instructions tell you to do:
pip3 install awscli --upgrade --user
but the –user option specifies a user location. To find where the pip install is installing to, do:
python3 -m site --user-base
This told me:
So taking a looking in the bin dir in this location, this is where the aws cli ended up. Adding this path to my PATH in my ~/.bash_profile and now aws command works as expected.