# AWS CLI ## Assume a Role * With the correct permissions, we can assume an IAM role. * The session name doesn't matter {% code overflow="wrap" %} ```bash aws sts assume-role --role-arn --role-session-name ``` {% endcode %} ## Configure Role Credentials * After setting up the associated access keys with `aws configure` we can run this command to set up the session token associated with the role. {% code overflow="wrap" %} ```bash aws --profile myIamRole configure set aws_session_token ``` {% endcode %} ## --query * Provides a way to search a command's output for certain things. * [jq](/coding-and-cli-tooling/cli-tools/jq.md) is another tool that can be used for this. ### Example output ``` aws ec2 describe-security-groups { "SecurityGroups": [ { "Description": "default VPC security group", "GroupName": "default", "IpPermissions": [ { "IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [], "PrefixListIds": [], "UserIdGroupPairs": [ { "GroupId": "sg-0494280510832e7b2", [snip] ``` ### Attribute Contains * Query the GroupName attribute that contains `VPC` {% code overflow="wrap" %} ```bash aws ec2 describe-security-groups --query 'SecurityGroups[?contains(GroupName, `VPC`)]' ``` {% endcode %} * Query the nested IpProtocols attribute that contains `-1` {% code overflow="wrap" %} ```bash aws ec2 describe-security-groups --query "SecurityGroups[?IpPermissions[?contains(IpProtocol,'-1')]]" ``` {% endcode %} ### Attribute is Exactly * Query the Description attribute that is exactly `default VPC security group` {% code overflow="wrap" %} ```bash aws ec2 describe-security-groups --query "SecurityGroups[?Description=='default VPC security group']" ``` {% endcode %} * Query the nested `GroupId` attribute that is exactly `sg-0494280510832e7b2` {% code overflow="wrap" %} ```bash aws ec2 describe-security-groups --query "SecurityGroups[?IpPermissions[?UserIdGroupPairs[?GroupId=='sg-0494280510832e7b2']]]" ``` {% endcode %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.techwithtyler.dev/coding-and-cli-tooling/cli-tools/aws-cli.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.