Installing past releases of the AWS CLI version 2

Installation requirements
 You know which release of the AWS CLI version 2 you'd like to install.
 You must be able to extract or "unzip" the downloaded package. If your operating
system doesn't have the built-in unzip command, use an equivalent.
 The AWS CLI version 2 uses glibc, groff, and less. These are included by default in
most major distributions of Linux.
 We support the AWS CLI version 2 on 64-bit versions of recent distributions of
CentOS, Fedora, Ubuntu, Amazon Linux 1, Amazon Linux 2 and Linux ARM.
 Because AWS doesn't maintain third-party repositories, we can’t guarantee that they
contain the latest version of the AWS CLI.
Installation instructions
Follow these steps from the command line to install the AWS CLI on Linux.
We provide the steps in one easy-to-copy and paste group based on whether you use 64-bit
Linux or Linux ARM. See the descriptions of each line in the steps that follow.
To install the AWS CLI, run the following commands.
To specify a version, append a hyphen and the version number to the filename. For this
example, the filename for version 2.0.30 would be awscli-exe-linux-x86_64-2.0.30.zip,
resulting in the following command:
$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.0.30.zip" -o
"awscliv2.zip"
$ unzip awscliv2.zip
$ sudo ./aws/install
To update your current installation of the AWS CLI, add your existing symlink and installer
information to construct the install command using the --bin-dir, --install-dir, and --
update parameters. The following command block uses an example symlink of
/usr/local/bin and example installer location of /usr/local/aws-cli:
$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.0.30.zip" -o
"awscliv2.zip"
$ unzip awscliv2.zip
$ sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli
--update
Step 1: Download the installation file in one of the following ways:
Use the curl command – The -o option specifies the file name that the downloaded package
is written to. The options on the following example command write the downloaded file to
the current directory with the local name awscliv2.zip.
 To specify a version, append a hyphen and the version number to the filename. For this
example the filename for version 2.0.30 would be awscli-exe-linux-x86_64-2.0.30.zip
resulting in the following command:
$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-2.0.30.zip" -o
"awscliv2.zip"
Downloading from the URL –
In your browser, download your specific version of the AWS CLI by appending a hyphen and
the version number to the filename.
https://awscli.amazonaws.com/awscli-exe-linux-x86_64-version.number.zip

Step 2: (Optional) Verifying the integrity of your downloaded zip file

If you chose to manually download the AWS CLI installer package .zip in the above steps,
you can use the following steps to verify the signatures by using the GnuPG tool.
The AWS CLI installer package .zip files are cryptographically signed using PGP signatures. If
there is any damage or alteration of the files, this verification fails and you should not
proceed with installation.
 Download and install the gpg command using your package manager.  .
To create the public key file, create a text file and paste in the following text.
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBF2Cr7UBEADJZHcgusOJl7ENSyumXh85z0TRV0xJorM2B/JL0kHOyigQluUG
ZMLhENaG0bYatdrKP+3H91lvK050pXwnO/R7fB/FSTouki4ciIx5OuLlnJZIxSzx
PqGl0mkxImLNbGWoi6Lto0LYxqHN2iQtzlwTVmq9733zd3XfcXrZ3+LblHAgEt5G
TfNxEKJ8soPLyWmwDH6HWCnjZ/aIQRBTIQ05uVeEoYxSh6wOai7ss/KveoSNBbYz
gbdzoqI2Y8cgH2nbfgp3DSasaLZEdCSsIsK1u05CinE7k2qZ7KgKAUIcT/cR/grk
C6VwsnDU0OUCideXcQ8WeHutqvgZH1JgKDbznoIzeQHJD238GEu+eKhRHcz8/jeG
94zkcgJOz3KbZGYMiTh277Fvj9zzvZsbMBCedV1BTg3TqgvdX4bdkhf5cH+7NtWO
lrFj6UwAsGukBTAOxC0l/dnSmZhJ7Z1KmEWilro/gOrjtOxqRQutlIqG22TaqoPG
fYVN+en3Zwbt97kcgZDwqbuykNt64oZWc4XKCa3mprEGC3IbJTBFqglXmZ7l9ywG
EEUJYOlb2XrSuPWml39beWdKM8kzr1OjnlOm6+lpTRCBfo0wa9F8YZRhHPAkwKkX
XDeOGpWRj4ohOx0d2GWkyV5xyN14p2tQOCdOODmz80yUTgRpPVQUtOEhXQARAQAB
tCFBV1MgQ0xJIFRlYW0gPGF3cy1jbGlAYW1hem9uLmNvbT6JAlQEEwEIAD4CGwMF
CwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQT7Xbd/1cEYuAURraimMQrMRnJHXAUC
ZqFYbwUJCv/cOgAKCRCmMQrMRnJHXKYuEAC+wtZ611qQtOl0t5spM9SWZuszbcyA
0xBAJq2pncnp6wdCOkuAPu4/R3UCIoD2C49MkLj9Y0Yvue8CCF6OIJ8L+fKBv2DI
yWZGmHL0p9wa/X8NCKQrKxK1gq5PuCzi3f3SqwfbZuZGeK/ubnmtttWXpUtuU/Iz
VR0u/0sAy3j4uTGKh2cX7XnZbSqgJhUk9H324mIJiSwzvw1Ker6xtH/LwdBeJCck
bVBdh3LZis4zuD4IZeBO1vRvjot3Oq4xadUv5RSPATg7T1kivrtLCnwvqc6L4LnF
0OkNysk94L3LQSHyQW2kQS1cVwr+yGUSiSp+VvMbAobAapmMJWP6e/dKyAUGIX6+
 2waLdbBs2U7MXznx/2ayCLPH7qCY9cenbdj5JhG9ibVvFWqqhSo22B/URQE/CMrG
+3xXwtHEBoMyWEATr1tWwn2yyQGbkUGANneSDFiTFeoQvKNyyCFTFO1F2XKCcuDs
19nj34PE2TJilTG2QRlMr4D0NgwLLAMg2Los1CK6nXWnImYHKuaKS9LVaCoC8vu7
IRBik1NX6SjrQnftk0M9dY+s0ZbAN1gbdjZ8H3qlbl/4TxMdr87m8LP4FZIIo261
Eycv34pVkCePZiP+dgamEiQJ7IL4ZArio9mv6HbDGV6mLY45+l6/0EzCwkI5IyIf
BfWC9s/USgxchg==
=ptgS
-----END PGP PUBLIC KEY BLOCK-----
For reference, the following are the details of the public key.
Key ID: A6310ACC4672
Type: RSA
Size: 4096/4096
Created: 2019-09-18
Expires: 2025-07-24
User ID: AWS CLI Team <[email protected]>
Key fingerprint: FB5D B77F D5C1 18B8 0511 ADA8 A631 0ACC 4672 475C
 Import the AWS CLI public key with the following command, substituting public-key-file-name
with the file name of the public key you created.
$ gpg --import public-key-file-name
gpg: /home/username/.gnupg/trustdb.gpg: trustdb created
gpg: key A6310ACC4672475C: public key "AWS CLI Team <[email protected]>"
imported
gpg: Total number processed: 1
gpg: imported: 1

 Download the AWS CLI signature file for the package you downloaded. It has the same path
and name as the .zip file it corresponds to, but has the extension.sig. In the following
examples, we save it to the current directory as a file named awscliv2.sig.

For the latest version of the AWS CLI, use the following command block:
$ curl -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-
x86_64.zip.sig
For a specific version of the AWS CLI, append a hyphen and the version number to the
filename. For this example, the filename for version 2.0.30 would be awscli-exe-linux-
x86_64-2.0.30.zip.sig resulting in the following command:
$ curl -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-x86_64-
2.0.30.zip.sig
  Verify the signature, passing both the downloaded .sig and .zip file names as parameters to
the gpg command.
$ gpg --verify awscliv2.sig awscliv2.zip
The output should look similar to the following.
gpg: Signature made Mon Nov 4 19:00:01 2019 PST
gpg: using RSA key FB5D B77F D5C1 18B8 0511 ADA8 A631 0ACC 4672
475C
gpg: Good signature from "AWS CLI Team <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: FB5D B77F D5C1 18B8 0511 ADA8 A631 0ACC 4672 475C

Step3: Unzip the installer. If your Linux distribution doesn't have a built-in unzip command, use an
equivalent to unzip it. The following example command unzips the package and creates a directory named aws under the
current directory.
 $ unzip awscliv2.zip
Step4: Run the install program. The installation command uses a file named install in the newly unzipped aws
directory. By default, the files are all installed to /usr/local/aws-cli, and a symbolic link is created in
/usr/local/bin. The command includes sudo to grant write permissions to those directories.
$ sudo ./aws/install
You can install without sudo if you specify directories that you already have write permissions to. Use the
following instructions for the install command to specify the installation location:
 Ensure that the paths you provide to the -i and -b parameters contain no volume
name or directory names that contain any space characters or other white space
characters. If there is a space, the installation fails.
 --install-dir or -i – This option specifies the directory to copy all of the files to.
The default value is /usr/local/aws-cli.
 --bin-dir or -b – This option specifies that the main aws program in the install
directory is symbolically linked to the file aws in the specified path. You must have
write permissions to the specified directory. Creating a symlink to a directory that is
already in your path eliminates the need to add the install directory to the user's
$PATH variable.
The default value is /usr/local/bin.
$ ./aws/install -i /usr/local/aws-cli -b /usr/local/bin

Note:
 To update your current installation of the AWS CLI version 2 to a newer version, add your
existing symlink and installer information to construct the install command with the --update
parameter.
$ sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli
--update
To locate the existing symlink and installation directory, use the following steps:
 Use the which command to find your symlink. This gives you the path to use with the
--bin-dir parameter.
 $ which aws
/usr/local/bin/aws
 Use the ls command to find the directory that your symlink points to. This gives you
the path to use with the --install-dir parameter.
$ ls -l /usr/local/bin/aws
lrwxrwxrwx 1 ec2-user ec2-user 49 Oct 22 09:49 /usr/local/bin/aws ->
/usr/local/aws-cli/v2/current/bin/aws
Step5: Confirm the installation with the following command.
$ aws --version
aws-cli/2.17.20 Python/3.11.6 Linux/5.10.205-195.807.amzn2.x86_64
botocore/2.4.5

(Optional) Verifying the integrity of your downloaded zip file

If you chose to manually download the AWS CLI version 2 installer package .zip in the above
steps, you use can use the following steps to verify the signatures by using the GnuPG tool.
The AWS CLI version 2 installer package .zip files are cryptographically signed using PGP
signatures. If there is any damage or alteration of the files, this verification fails and you
should not proceed with installation.
1. Download and install the gpg command using your package manager. For more information about GnuPG.
2. To create the public key file, create a text file and paste in the following text.
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBF2Cr7UBEADJZHcgusOJl7ENSyumXh85z0TRV0xJorM2B/JL0kHOyigQluUG
ZMLhENaG0bYatdrKP+3H91lvK050pXwnO/R7fB/FSTouki4ciIx5OuLlnJZIxSzx
PqGl0mkxImLNbGWoi6Lto0LYxqHN2iQtzlwTVmq9733zd3XfcXrZ3+LblHAgEt5G
TfNxEKJ8soPLyWmwDH6HWCnjZ/aIQRBTIQ05uVeEoYxSh6wOai7ss/KveoSNBbYz
gbdzoqI2Y8cgH2nbfgp3DSasaLZEdCSsIsK1u05CinE7k2qZ7KgKAUIcT/cR/grk
C6VwsnDU0OUCideXcQ8WeHutqvgZH1JgKDbznoIzeQHJD238GEu+eKhRHcz8/jeG
94zkcgJOz3KbZGYMiTh277Fvj9zzvZsbMBCedV1BTg3TqgvdX4bdkhf5cH+7NtWO
lrFj6UwAsGukBTAOxC0l/dnSmZhJ7Z1KmEWilro/gOrjtOxqRQutlIqG22TaqoPG
 fYVN+en3Zwbt97kcgZDwqbuykNt64oZWc4XKCa3mprEGC3IbJTBFqglXmZ7l9ywG
EEUJYOlb2XrSuPWml39beWdKM8kzr1OjnlOm6+lpTRCBfo0wa9F8YZRhHPAkwKkX
XDeOGpWRj4ohOx0d2GWkyV5xyN14p2tQOCdOODmz80yUTgRpPVQUtOEhXQARAQAB
tCFBV1MgQ0xJIFRlYW0gPGF3cy1jbGlAYW1hem9uLmNvbT6JAlQEEwEIAD4CGwMF
CwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQT7Xbd/1cEYuAURraimMQrMRnJHXAUC
ZqFYbwUJCv/cOgAKCRCmMQrMRnJHXKYuEAC+wtZ611qQtOl0t5spM9SWZuszbcyA
0xBAJq2pncnp6wdCOkuAPu4/R3UCIoD2C49MkLj9Y0Yvue8CCF6OIJ8L+fKBv2DI
yWZGmHL0p9wa/X8NCKQrKxK1gq5PuCzi3f3SqwfbZuZGeK/ubnmtttWXpUtuU/Iz
VR0u/0sAy3j4uTGKh2cX7XnZbSqgJhUk9H324mIJiSwzvw1Ker6xtH/LwdBeJCck
bVBdh3LZis4zuD4IZeBO1vRvjot3Oq4xadUv5RSPATg7T1kivrtLCnwvqc6L4LnF
0OkNysk94L3LQSHyQW2kQS1cVwr+yGUSiSp+VvMbAobAapmMJWP6e/dKyAUGIX6+
2waLdbBs2U7MXznx/2ayCLPH7qCY9cenbdj5JhG9ibVvFWqqhSo22B/URQE/CMrG
+3xXwtHEBoMyWEATr1tWwn2yyQGbkUGANneSDFiTFeoQvKNyyCFTFO1F2XKCcuDs
19nj34PE2TJilTG2QRlMr4D0NgwLLAMg2Los1CK6nXWnImYHKuaKS9LVaCoC8vu7
IRBik1NX6SjrQnftk0M9dY+s0ZbAN1gbdjZ8H3qlbl/4TxMdr87m8LP4FZIIo261
Eycv34pVkCePZiP+dgamEiQJ7IL4ZArio9mv6HbDGV6mLY45+l6/0EzCwkI5IyIf
BfWC9s/USgxchg==
=ptgS
-----END PGP PUBLIC KEY BLOCK-----

For reference, the following are the details of the public key.
Key ID: A6310ACC4672
Type: RSA
Size: 4096/4096
Created: 2019-09-18
Expires: 2025-07-24
User ID: AWS CLI Team <[email protected]>
Key fingerprint: FB5D B77F D5C1 18B8 0511 ADA8 A631 0ACC 4672 475C

3. Import the AWS CLI public key with the following command, substituting public-key-file-
name with the file name of the public key you created.
$ gpg --import public-key-file-name
gpg: /home/username/.gnupg/trustdb.gpg: trustdb created
gpg: key A6310ACC4672475C: public key "AWS CLI Team <[email protected]>"
imported
gpg: Total number processed: 1
gpg: imported: 1
4. Download the AWS CLI signature file for the package you downloaded. It has the same path
and name as the .zip file it corresponds to, but has the extension .sig. In the following
examples, we save it to the current directory as a file named awscliv2.sig.
For the latest version of the AWS CLI, use the following command block:
$ curl -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-
x86_64.zip.sig
For a specific version of the AWS CLI, append a hyphen and the version number to the
filename. For this example the filename for version 2.0.30 would be awscli-exe-linux-
x86_64-2.0.30.zip.sig resulting in the following command:
$ curl -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-x86_64-
2.0.30.zip.sig
5. Verify the signature, passing both the downloaded .sig and .zip file names as parameters to
the gpg command.
$ gpg --verify awscliv2.sig awscliv2.zip
The output should look similar to the following.
gpg: Signature made Mon Nov 4 19:00:01 2019 PST
gpg: using RSA key FB5D B77F D5C1 18B8 0511 ADA8 A631 0ACC 4672
475C
gpg: Good signature from "AWS CLI Team <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: FB5D B77F D5C1 18B8 0511 ADA8 A631 0ACC 4672 475C