How to save AWS CLI output to a file
Saving AWS CLI output to a file keeps command results available after terminal scrollback is gone and makes it easier to attach evidence to a ticket, compare repeated checks, or hand structured data to another tool without copying from the screen.
The AWS CLI prints normal command results to stdout, and the shell redirection operators >, >>, and pipes decide whether that stdout stream is written to disk, appended to a log, or duplicated with tee. The file contents still depend on CLI-side flags such as --output and --query, so the saved result can stay as json, yaml, or flat text depending on what the next step needs.
Pager, debug, and credential state change what actually reaches the file. --no-cli-pager prevents long output from being sent through the client-side pager, --debug writes diagnostics to stderr instead of stdout, and --output off suppresses stdout entirely. When a profile is not ready for live API calls, --generate-cli-skeleton output is a safe way to rehearse the save workflow locally with AWS-shaped sample output before switching to a real request.
Steps to save AWS CLI output to a file:
- Create a directory for saved command results before redirecting output into multiple files.
$ mkdir -p ~/aws-output
A dedicated directory keeps normal results, appended logs, and debug captures together instead of scattering them across the shell history and home directory.
- Save a safe local command result to a file and confirm that redirection is writing stdout where expected.
$ aws configure list --no-cli-pager > ~/aws-output/aws-config.txt $ sed -n '1,5p' ~/aws-output/aws-config.txt NAME : VALUE : TYPE : LOCATION profile : <not set> : None : None access_key : ****************MPLE : shared-credentials-file : secret_key : ****************EKEY : shared-credentials-file : region : us-west-2 : config-file : ~/.aws/config
--no-cli-pager is a safe default in saved-output examples because it guarantees that the CLI writes directly to stdout instead of opening the client-side pager.
Related: How to disable the AWS CLI pager
- Save structured AWS-shaped output locally when the save workflow needs to be tested without spending an API call or depending on valid credentials.
$ aws ec2 describe-regions --generate-cli-skeleton output \ --output json --no-cli-pager > ~/aws-output/regions.json $ cat ~/aws-output/regions.json { "Regions": [ { "OptInStatus": "OptInStatus", "Geography": [ { "Name": "Name" } ], "RegionName": "RegionName", "Endpoint": "Endpoint" } ] }--generate-cli-skeleton output returns a sample response locally, so the saved file shows the response shape without contacting AWS. The placeholder values are illustrative only.
- Change the saved file format or reduce the saved fields before writing the file when the next tool expects YAML or a flat text list.
$ aws ec2 describe-regions --generate-cli-skeleton output \ --output yaml --no-cli-pager > ~/aws-output/regions.yaml $ aws ec2 describe-regions --generate-cli-skeleton output \ --query 'Regions[].RegionName' --output text --no-cli-pager > ~/aws-output/region-names.txt $ cat ~/aws-output/region-names.txt RegionName
Prefer json or yaml while shaping a live --query expression. AWS documents that --output text paginates first and then runs the query once per page, which can produce repeated or surprising matches on larger live responses.
- Apply the same redirection pattern to a real AWS API call once valid credentials are loaded for the target profile.
$ aws sts get-caller-identity --output json --no-cli-pager > ~/aws-output/caller-identity.json
Live service commands save only stdout with >. If the request fails because of an expired or invalid token, the error stays on stderr and the redirected file does not contain the JSON response.
- Use tee when the same result should stay visible in the terminal and be written to a file at the same time.
$ aws ec2 describe-regions --generate-cli-skeleton output \ --query 'Regions[].RegionName' --output text --no-cli-pager | tee ~/aws-output/region-names.txt RegionName
tee is useful during manual checks because the saved file and the on-screen result stay in sync without running the command twice.
- Append repeated output with >> when the file should act as a running log instead of being replaced on each command.
$ aws ec2 describe-regions --generate-cli-skeleton output \ --query 'Regions[].RegionName' --output text --no-cli-pager >> ~/aws-output/region-history.log $ tail -n 3 ~/aws-output/region-history.log RegionName RegionName RegionName
Use >> only when repeated lines are expected. Use > when the file should contain only the most recent result.
- Save normal output and debug logs into separate files when the command result must be archived without mixing in diagnostic noise.
$ aws ec2 describe-regions --generate-cli-skeleton output \ --debug --no-cli-pager > ~/aws-output/regions.json 2> ~/aws-output/regions-debug.log $ wc -c < ~/aws-output/regions.json 277 $ wc -c < ~/aws-output/regions-debug.log 16581
AWS documents --debug as stderr diagnostic output and recommends redirecting it to a file when the log needs to be searched later.
- Avoid --output off when the goal is to save the response body, because that output mode suppresses stdout completely.
$ aws ec2 describe-regions --generate-cli-skeleton output \ --output off --no-cli-pager > ~/aws-output/regions-empty.txt $ wc -c < ~/aws-output/regions-empty.txt 0
--output off is useful only when the exit status matters more than the response body. With > redirection, it creates an empty file instead of saving the command result.