AWS Cloud Shell Setup Guide
Overview
YouTube Video Tutorial: https://youtu.be/9qyVR5EEIes
This guide walks you through setting up AWS Cloud Shell to deploy Service Foundry using Helm charts. AWS Cloud Shell lets you manage AWS resources and Kubernetes clusters directly from your browser—no local installation required.
It’s especially useful for users who want a clean, preconfigured environment for working with AWS, EKS, Helm, and Git.
Prerequisites
-
An AWS account with sufficient permissions
-
Basic familiarity with AWS Cloud Shell and Kubernetes
What You’ll Learn
-
What AWS Cloud Shell is and how it works
-
How to set up Cloud Shell step‑by‑step
-
How to install and verify AWS CLI, kubectl, and Helm
-
How to connect Cloud Shell to your EKS cluster
-
How to configure Git credentials (optional)
What is AWS Cloud Shell?
AWS Cloud Shell is a browser‑based terminal environment that provides command‑line access to your AWS resources. It includes tools like AWS CLI, kubectl, and Git preinstalled and is automatically authenticated with your IAM identity.
For IAM users, the free tier includes 1 GB of persistent storage, and note that Cloud Shell cannot run a single long‑running task for more than 12 hours
Key Features
-
Ready to use — tools like AWS CLI are already installed
-
Automatically authenticated with your AWS credentials
-
Fully managed environment with no setup required
-
1 GB of persistent user storage
Shell Session Behavior
-
Inactive sessions pause automatically after 20 minutes
-
Long‑running sessions are terminated after 12 hours, even if you stay active
Step‑by‑Step Setup
1. Launch AWS Cloud Shell
Log in to the AWS Management Console and click the Cloud Shell icon in the upper‑right corner.
2. Verify AWS CLI Configuration
Cloud Shell automatically configures the AWS CLI. You can confirm the active settings:
$ aws configure listSample output:
NAME : VALUE : TYPE : LOCATION
profile : <not set> : None : None
access_key : ****************HXWO : container-role :
secret_key : ****************99Rl : container-role :
region : ca-central-1 : env : ['AWS_REGION', 'AWS_DEFAULT_REGION']3. Verify Installed Tools
Check that your key utilities are available:
$ aws --version
$ kubectl version --client
$ git --version
$ helm version
bash: helm: command not foundHelm is not preinstalled, so you’ll install it next.
4. Install Helm
If Helm is not installed, you can install it by running the following commands:
$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
$ helm version5. Connect Cloud Shell to Your EKS Cluster
To update your Kubernetes configuration to connect to your EKS cluster, use the following command:
# Set your EKS cluster name
$ EKS_CLUSTER_NAME="your-eks-cluster-name"
$ aws eks update-kubeconfig --region $AWS_REGION --name $EKS_CLUSTER_NAMETest the connection:
# Verify the connection
$ kubectl get nodes
# Permission denied error
E1126 19:22:33.267316 882 memcache.go:265] "Unhandled Error" err="couldn't get current server API group list: the server has asked for the client to provide credentials"Check your IAM identity:
$ aws sts get-caller-identity --query Arn --output text
arn:aws:iam::44------:user/your-iam-userThis IAM ARN must be added to the aws-auth ConfigMap by an EKS admin.
View the existing config:
$ kubectl -n kube-system get configmap aws-auth -o yamlAn admin user should add:
$ kubectl edit configmap aws-auth -n kube-systemAdd the following under mapUsers: section:
data:
mapUsers: |
- userarn: arn:aws:iam::44------:user/your-iam-user
username: cloudshell-user
groups:
- system:mastersSave and exit the editor.
After updating, test again:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
ip-192-168-18-56.ca-central-1.compute.internal Ready <none> 3h14m v1.33.5-eks-ecaa3a6List Helm apps:
$ helm list -A
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
aws-cluster-autoscaler kube-system 1 2025-11-26 09:25:19.295873 -0800 -0800 deployed cluster-autoscaler-9.50.1 1.33.06. (Optional) Set Up Git Credentials
If you need to clone private repositories, configure SSH keys.
Generate a key pair:
$ ssh-keygen -t rsa -b 4096 -C "emillian@servicefoundry.org" -f ~/.ssh/id_rsa
$ ls ~/.ssh/
id_rsa id_rsa.pubAdd the public key to GitHub:
$ cat ~/.ssh/id_rsa.pub
Trust GitHub host key:
$ ssh-keyscan github.com >> ~/.ssh/known_hosts
$ cat ~/.ssh/known_hostsClone a repository:
$ git clone git@github.com:nsalexamy/service-foundry-demo.git7. You’re Ready to Go!
Cloud Shell is now configured with:
-
AWS CLI
-
kubectl
-
Helm
-
Optional Git SSH access
You can now manage AWS resources, connect to EKS clusters, and deploy Service Foundry using Helm.
Additional useful tools included in Cloud Shell:
-
yq — YAML processor
-
jq — JSON processor
Install yq if needed:
YQ_VERSION="v4.44.1" && TARGETARCH="amd64" && \
curl -L https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_${TARGETARCH} -o yq && \
chmod +x yq && \
sudo mv yq /usr/local/bin/yqConclusion
You’ve successfully configured AWS Cloud Shell for managing AWS resources and Kubernetes workloads. With AWS CLI, kubectl, Helm, and Git ready to go, you can deploy and manage Service Foundry directly from your browser.
Service Foundry also provides bootstrap scripts optimized for Cloud Shell to streamline deployments even further. Refer to the Service Foundry documentation for details.
📘 View the web version:
