What Is Boto3 on AWS


Have you ever found yourself not wanting to move around a user interface (UI) anymore and instead, automate the tasks you’re working on? Perhaps you want to create a service, get information about an existing service, or even query resources?

Maybe you don’t want to learn a new provisioning tool like Terraform and instead, stick with a programming language you already know, like Python.

Combing the power of Python and API calls, you can use a Software Development Kit (SDK) from AWS called Boto3.

In this blog post, you’ll learn about what Boto3 is and how you can get started with it right now.

What is Boto3

Imagine that you’re working on a new project to deploy an application to Elastic Kubernetes Service (EKS) and you want to automate the process. Well, you can use CI/CD to deploy the application, but what about the underlying EKS cluster?

The first thing that comes to mind is Infrastructure-as-Code (IaC), with a provisioning tool like CloudFormation or Terraform, but how about if you want to perform the same steps that IaC gives you without a configuration language?

With Boto3, you can get around learning and/or using a configuration language and instead, stick with a general-purpose programming language like Python.

The benefits of this approach, to name a few are:

  • Proper error handling that you get from a programming language
  • Loops and logic for your resources
  • The ability to perform functional-based programming or object-oriented programming
  • Testing frameworks to treat your AWS cloud service code the same you do the rest of the application code using unit tests, integration tests, etc.

Boto3 gives you the ability to create, configure and manage any AWS service via a programmatic fashion with an API.

You can create anything from:

  • EC2 instances
  • S3 buckets
  • Serverless services
  • Kubernetes clusters
  • Lambda functions
  • And much more…

How to Use Boto3

To start using Boto3, there are two big components to focus on:

  • Authentication
  • Documentation

Without properly authenticating to AWS or understanding how to use Boto3 at a programmatic level, you may find yourself frustrated and not sure where to begin.

Let’s take a look at a few authentication methods and some documentation.

Configuring Credentials

If you’re using AWS today at a programmatic level, you may already have configured AWS on a terminal using the aws configure command. This command allows you to pass in:

  • AWS Access Key ID
  • AWS Secret Key
  • Region

With these three components, you can programmatically access AWS services with the IAM policies you have attached to the IAM user.

Once the credentials are configured on the terminal, you can run Boto3 code without having to worry about any other credential configuration.

For more information on setting up AWS credentials, check out the documentation provided by AWS here.

Passing in Credentials as Arguments or Parameters

The next type of configuration you can do, which is great if you need to run the code at runtime on say, a CI/CD pipeline is passing in the credentials as arguments.

The code below shows setting up the client SDK authentication in a Python file with an access key and secret key.

import boto3

def creds(access_key, secret_key):

	client = boto3.client(

Notice in the creds() function there are two arguments, access_key and secret_key

You can use a Python library like sys to pass in the two arguments at runtime.

Environment Variables

The final authentication method you’ll learn about is environment variables. One thing to keep in mind is environment variables are based on your environment configuration and shouldn’t be used outside of that. For production-level workloads, you’ll want to use authentication method number 1 or number 2.

If you want to create environment variables on Linux or MacOS, you can use the following code:


If you want to create environment variables on Windows, you can use the following code with PowerShell.

$Env:ACCESS_KEY = "access_key_id_value"
$Env:SECRET_KEY = "secret_key_value"


The Boto3 documentation is continuously talked about because of how straightforward it is to use. It’s extremely readable and a great way to get started using Boto3.

It contains:

  • Code samples
  • All required and optional arguments/parameters
  • Quickstart guides
  • Sample tutorials

Get started with the documentation by following this link

Boto3 Prerequisites

In terms of perquisites for Boto3 itself, you’ll need authentication to AWS and the Boto3 SDK installed on your local computer. To write the Boto3 code, you’ll need a code editor like PyCharm or VS Code.

However, those prerequisites come after the ability to use Python.

If you are unfamiliar with Python, I would highly recommend checking out a few getting started guides and/or Python courses. If you aren’t at a high beginner to intermediate level with Python, you’ll absolutely want to start there.

Here are a few resources to get started with Python:

Closing Thoughts

If you’re in the AWS world and want to automate what you’re doing today, or need a reason to learn Python as a cloud engineer, getting familiar with the Boto3 SDK is a great way to do so.

Programmatically accessing AWS with Python Boto3 is a game-changer for any cloud engineer or DevOps pro.

If you’re interested in project-focused training utilizing real-world experience, CloudSkills.io goes into the AWS CDK, Python, and more on the AWS Cloud Architect bootcamp, which you can check out here: AWS Cloud Architect Bootcamp (cloudskills.io).

2 Comments Add yours

  1. What is the difference in boto3 and Pulumi?

    1. Good question! Boto3 is the Python SDK/library for interacting with services at an API level. Pulumi does the same thing, except it’s Infrastructure-as-Code using a general-purpose programming language. Think of Pulumi like Terraform, but using Python/Go/C#/etc.

Leave a Reply

Your email address will not be published. Required fields are marked *