TerraformPilot

Cloud Computing

Install AWS CLI on Mac with Homebrew (brew install awscli)

Install AWS CLI v2 on macOS with Homebrew in 2 commands: brew install awscli. Includes configuration, credential setup, troubleshooting common errors

LLuca Berton2 min read

Quick Install (TL;DR)

# 
brew install awscli
aws --version
aws configure

That's it. Read on for configuration, troubleshooting, and advanced setup.

Prerequisites

#
  • macOS (Intel or Apple Silicon — both work)
  • Homebrew installed. If not: 
    /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
  • An AWS account with access keys (create one here)

Step 1: Update Homebrew

# 
brew update

This ensures you get the latest version of the AWS CLI package.

Step 2: Install AWS CLI

# 
brew install awscli

Homebrew installs AWS CLI v2 and all dependencies automatically. Takes 1-2 minutes.

Step 3: Verify Installation

# 
aws --version

Expected output:

aws-cli/2.17.x Python/3.12.x Darwin/24.x source/arm64

If you see a version number, the installation worked.

Step 4: Configure AWS CLI

# 
aws configure

You'll be prompted for four values:

AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-east-1
Default output format [None]: json

Where to Find Your Access Keys

#
  1. Go to IAM Console → Users → Your user
  2. Click Security credentials tab
  3. Click Create access key
  4. Save both the Access Key ID and Secret Access Key

Named Profiles

#

If you use multiple AWS accounts:

# Create a profile for work
aws configure --profile work
 
# Create a profile for personal
aws configure --profile personal
 
# Use a specific profile
aws s3 ls --profile work
 
# Set default profile for the session
export AWS_PROFILE=work

Step 5: Test the Connection

# 
# Verify your identity
aws sts get-caller-identity

Expected output:

{
    "UserId": "AIDAEXAMPLE",
    "Account": "123456789012",
    "Arn": "arn:aws:iam::123456789012:user/your-username"
}
# List S3 buckets
aws s3 ls
 
# List EC2 instances
aws ec2 describe-instances --query "Reservations[].Instances[].{ID:InstanceId,State:State.Name}" --output table

Upgrade AWS CLI

# 
# Upgrade to the latest version
brew upgrade awscli
 
# Check the new version
aws --version

Uninstall AWS CLI

# 
brew uninstall awscli

Alternative: Install Without Homebrew

#

If you prefer the official installer:

# Download the macOS installer
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
 
# Install
sudo installer -pkg AWSCLIV2.pkg -target /
 
# Verify
aws --version

The Homebrew method is easier to manage (upgrade/uninstall), which is why we recommend it.

Troubleshooting

#

"command not found: aws"

#

Homebrew didn't add aws to your PATH. Fix:

# For Apple Silicon Macs (M1/M2/M3)
echo 'export PATH="/opt/homebrew/bin:$PATH"' >> ~/.zshrc
source ~/.zshrc
 
# For Intel Macs
echo 'export PATH="/usr/local/bin:$PATH"' >> ~/.zshrc
source ~/.zshrc

"Unable to locate credentials"

# 
Unable to locate credentials. You can configure credentials by running "aws configure".

Run aws configure and enter your access keys. Or check that your credentials file exists:

cat ~/.aws/credentials

"InvalidClientTokenId"

# 
An error occurred (InvalidClientTokenId) when calling the GetCallerIdentity operation:
The security token included in the request is invalid.

Your access key is wrong or deactivated. Generate a new one in the IAM Console.

"ExpiredToken"

#

If using temporary credentials (SSO, assume role), refresh them:

aws sso login --profile your-profile

Old Version Still Showing

#

If aws --version shows v1 after installing v2:

# Check which aws binary is being used
which aws
 
# If it's /usr/local/bin/aws (old v1), remove it
sudo rm /usr/local/bin/aws
 
# Homebrew's version should now take priority
aws --version

Homebrew Permission Errors

# 
# Fix permissions
sudo chown -R $(whoami) /opt/homebrew
# or for Intel Macs:
sudo chown -R $(whoami) /usr/local

Configuration Files

#

AWS CLI stores config in two files:

# Credentials (access keys)
~/.aws/credentials
 
# Configuration (region, output format)
~/.aws/config

Example ~/.aws/credentials:

[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
 
[work]
aws_access_key_id = AKIAI44QH8DHBEXAMPLE
aws_secret_access_key = je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY

Example ~/.aws/config:

[default]
region = us-east-1
output = json
 
[profile work]
region = eu-west-1
output = table

Using AWS CLI with Terraform

#

Once AWS CLI is configured, Terraform uses the same credentials automatically:

provider "aws" {
  region  = "us-east-1"
  # Terraform reads ~/.aws/credentials automatically
 
  # Or use a named profile:
  # profile = "work"
}

Verify Terraform can access AWS:

terraform init
terraform plan

Useful AWS CLI Commands

# 
# S3
aws s3 ls                           # List buckets
aws s3 cp file.txt s3://bucket/     # Upload file
aws s3 sync . s3://bucket/          # Sync directory
 
# EC2
aws ec2 describe-instances          # List instances
aws ec2 start-instances --instance-ids i-12345  # Start
aws ec2 stop-instances --instance-ids i-12345   # Stop
 
# IAM
aws iam list-users                  # List IAM users
aws iam get-user                    # Current user info
 
# CloudFormation
aws cloudformation list-stacks      # List stacks
 
# Output formatting
aws ec2 describe-instances --output table
aws ec2 describe-instances --output json
aws ec2 describe-instances --query "Reservations[].Instances[].InstanceId"
#

Hands-On Courses

#

Learn by doing with interactive courses on CopyPasteLearn:

Conclusion

#

Installing AWS CLI on macOS with Homebrew is the simplest method: brew install awscli. Configure it with aws configure, test with aws sts get-caller-identity, and you're ready to manage AWS from your terminal. Use brew upgrade awscli to keep it updated. Terraform picks up the same credentials automatically, so once AWS CLI works, Terraform works too.

#AWS#DevOps#CLI#macOS#Homebrew

Share this article

Related articles