# Using AWS CloudShell to work with AWS Security Incident Response Using AWS CloudShell AWS CloudShell is a browser-based, pre-authenticated shell that you can launch directly from the AWS Management Console. You can run AWS CLI commands against AWS services (including AWS Security Incident Response) using your preferred shell (Bash, PowerShell or Z shell). And you can do this without needing to download or install command line tools. You [launch AWS CloudShell from the AWS Management Console](https://docs.aws.amazon.com/cloudshell/latest/userguide/working-with-cloudshell.html#launch-options), and the AWS credentials you used to sign in to the console are automatically available in a new shell session. This pre-authentication of AWS CloudShell users allows you to skip configuring credentials when interacting with AWS services such as Security Incident Response using AWS CLI version 2 (pre-installed on the shell's compute environment). **Topics** + [ # Obtaining IAM permissions for AWS CloudShell ](cloudshell-permissions.md) + [ # Interacting with Security Incident Response using AWS CloudShell ](cshell-examples.md) # Obtaining IAM permissions for AWS CloudShell Using the access management resources provided by AWS Identity and Access Management, administrators can grant permissions to IAM users so they can access AWS CloudShell and use the environment's features. The quickest way for an administrator to grant access to users is through an AWS managed policy. An [AWS managed policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) is a standalone policy that's created and administered by AWS. The following AWS managed policy for CloudShell can be attached to IAM identities: + `AWSCloudShellFullAccess`: Grants permission to use AWS CloudShell with full access to all features. If you want to limit the scope of actions that an IAM user can perform with AWS CloudShell, you can create a custom policy that uses the `AWSCloudShellFullAccess` managed policy as a template. For more information about limiting the actions that are available to users in CloudShell, see [Managing AWS CloudShell access and usage with IAM policies](https://docs.aws.amazon.com/cloudshell/latest/userguide/sec-auth-with-identities.html) in the *AWS CloudShell User Guide*. **Note** Your IAM identity also requires a policy that grants permission to make calls to Security Incident Response. # Interacting with Security Incident Response using AWS CloudShell After you launch AWS CloudShell from the AWS Management Console, you can immediately start to interact with Security Incident Response using the command line interface. **Note** When using AWS Command Line Interface in AWS CloudShell, you don't need to download or install any additional resources. Moreover, because you're already authenticated within the shell, you don't need to configure credentials before making calls. # Working with AWS CloudShell and Security Incident Response 1. From the AWS Management Console, launch CloudShell by choosing the following options available on the navigation bar: + Choose the CloudShell icon. + Start typing "cloudshell" in the Search box and then choose the CloudShell option. 1. Use the standard AWS Command Line Interface to interact with AWS Security Incident Response. For a complete reference of available CLI commands, see the [AWS CLI Command Reference for AWS Security Incident Response](https://docs.aws.amazon.com/cli/latest/reference/security-ir/).