AWS: CLI named profiles

By | 03/19/2019

aws-logo-square-02AWS CLI supports so-called named profiles stored in the configuration file .aws/config and ~/.aws/credentials file with keys which by default contains the… Well – the “default” profile.

An additional profile can be added using the aws configure command with the --profile option.

Here is an example of such file with already existing two profiles:

[simterm]

$ cat ~/.aws/credentials 
[default]
aws_access_key_id = AKI***6GA
aws_secret_access_key = cbd***M6W
[TAG]
aws_access_key_id = AKI***FJQ
aws_secret_access_key = 6T/***4sG

[/simterm]

To add a new one – execute:

[simterm]

$ aws configure --profile example
AWS Access Key ID [None]: 123456
AWS Secret Access Key [None]: 0123456789   
Default region name [None]: eu-west-1
Default output format [None]: json

[/simterm]

Check them now:

[simterm]

$ cat ~/.aws/credentials 
[default]
aws_access_key_id = AKI***6GA
aws_secret_access_key = cbd***M6W
[TAG]
aws_access_key_id = AKI***FJQ
aws_secret_access_key = 6T/***4sG
[example]
aws_access_key_id = 123456
aws_secret_access_key = 0123456789

[/simterm]
[simterm]

$ cat ~/.aws/config 
[default]
aws_access_key_id = AKI***TCQ
region = eu-west-1
output = json
aws_secret_access_key = nSD***dj+
[preview]
cloudfront = true
[profile example]
output = json
region = eu-west-1

[/simterm]
To run a command using one of those profiles – use the --profile option.

For example, using the default one:

[simterm]

$ aws s3 ls
2016-05-10 12:35:03 elasticbeanstalk-eu-west-1
2016-08-29 17:45:34 rtfmbackups
2016-09-15 18:01:53 static-site-example

[/simterm]

And similarly but using the TAG profile:

[simterm]

$ aws s3 ls --profile TAG
2016-04-06 18:16:08 elasticbeanstalk-eu-west-1
2016-03-15 18:42:46 elasticbeanstalk-us-west-2
2016-05-09 19:22:16 profile-dev.connected.com
2016-05-09 21:09:40 profile-staging.connected.com
2016-08-17 16:02:28 profileapp.connected.com
2015-07-23 01:05:41 tag-cms-media-dev
2015-08-13 00:22:57 tag-cms-media-prod
2015-08-13 00:23:12 tag-cms-media-staging
2015-07-14 21:31:41 tag-ecs-config
...

[/simterm]

Also, you can set your default profile using the $AWS_DEFAULT_PROFILE environment variable:

[simterm]

$ export AWS_DEFAULT_PROFILE=TAG
$ aws s3 ls
2016-04-06 18:16:08 elasticbeanstalk-eu-west-1
2016-03-15 18:42:46 elasticbeanstalk-us-west-2
2016-05-09 19:22:16 profile-dev.connected.com
2016-05-09 21:09:40 profile-staging.connected.com
2016-08-17 16:02:28 profileapp.connected.com
...

[/simterm]

More details in a документации>>>.