One of the best aspects of Amazon Web Services (AWS) is that a fully featured command-line utility exists for it. If you’ve ever spent a decent amount of time in the AWS Console (their web interface) then you understand why this is a good thing.
As you venture into better security practices, like completely splitting up your environments (UAT, staging, production, et cetera) and managing them with a billing account, you’ll find yourself needing to juggle different credentials for each account that you’re interacting with with.
Out of the box, when you set things up with
aws configure whatever information you give it will be associated with the default profile. Perfect if you only have the one account, not so much when you have multiple accounts.
To configure different profiles for the
aws-cli to use, all you need to do is create different sections in your
~/.aws/credentials file. The file is INI format, using the
By default the file will look something like this:
[default] aws_access_key_id = XXXXXX aws_secret_access_key = XXXXXX
You can leave the
[default] section as is, or remove it entirely if you want to always ensure you’re picking which profile you’d like to use.
Adding additional sections, which are referred to as profiles, like this:
[default] aws_access_key_id = XXXXXX aws_secret_access_key = XXXXXX [staging] aws_access_key_id = XXXXXX aws_secret_access_key = XXXXXX [production] aws_access_key_id = XXXXXX aws_secret_access_key = XXXXXX
With the new sections added, all you will need to do is pass in the
argument when you run any
aws commands and you’ll be off to the races!
# Using the default profile aws s3 list-buckets # Using the staging profile aws --profile staging s3 list-buckets # Using the production profile aws --profile production s3 list-buckets
Good stuff? Want more?
Weekly emails about technology, development, and sometimes sauerkraut.
100% Fresh, Grade A Content, Never Spam.