Reputation: 483
Is there any shell command to setup aws credentials under a specific profile
I want to set up my MFA profile credentials(i.e AceessKeyId, SecrectAccessKey, SessionToken) in ~/.aws/credentials file. Is there any shell command to do this thing?
For example: if I execute aws configure set default.aws_secret_access_key 'myaccesskey' then credentials file is getting updated with this given access key.
But if I type the same command with aws configure set mfa.aws_secret_access_key 'myaccesskey', it is not updating in credentials file, instead ~/.aws/config file is going to update with the format as shown below.
mfa =
aws_secret_access_key = myaccesskey
My goal is, ~/.aws/credentials file should be updated under MFA profile. Like
[default]
aws_secret_access_key = ****
****** = ******
[mfa]
aws_secret_access_key = myaccesskey
aws_accesskeyid = *****
aws_sessionToken = ****
region = ****
Upvotes: 1
Views: 590
Answers (2)
Reputation: 8583
you can pass the profile to the aws configure command using --profile argument.
aws configure set aws_secret_access_key 'myaccesskey' --profile mfa
Reference:
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
Upvotes: 2
Reputation: 8122
I use this aws-mfa project. This is a super easy python project for this exact kind of thing.
Usage Example:
Using command line arguments:
aws-mfa --duration 1800 --device arn:aws:iam::123456788990:mfa/dudeman
INFO - Using profile: default
INFO - Your credentials have expired, renewing.
Enter AWS MFA code for device [arn:aws:iam::123456788990:mfa/dudeman] (renewing for 1800 seconds):123456
INFO - Success! Your credentials will expire in 1800 seconds at: 2015-12-21 23:07:09+00:00
Using a profile: (profiles allow you to reference different sets of credentials, perhaps for different users or different regions):
aws-mfa --duration 1800 --device arn:aws:iam::123456788990:mfa/dudeman --profile development
INFO - Using profile: development
Enter AWS MFA code for device [arn:aws:iam::123456788990:mfa/dudeman] (renewing for 1800 seconds):666666
INFO - Success! Your credentials will expire in 1800 seconds at: 2015-12-21 23:09:04+00:00
Assuming a role:
aws-mfa --duration 1800 --device arn:aws:iam::123456788990:mfa/dudeman --assume-role arn:aws:iam::123456788990:role/some-role --role-session-name some-role-session
INFO - Validating credentials for profile: default with assumed role arn:aws:iam::123456788990:role/some-role
INFO - Obtaining credentials for a new role or profile.
Enter AWS MFA code for device [arn:aws:iam::123456788990:mfa/dudeman] (renewing for 1800 seconds):123456
INFO - Success! Your credentials will expire in 1800 seconds at: 2016-10-24 18:58:17+00:00
Upvotes: 1
Related Questions
- How to temporarily switch profiles for AWS CLI?
- How to login with AWS CLI using credentials profiles
- How to use multiple AWS accounts from the command line?
- AWS IAM Instance Profile to Administer EC2 Instances With that Profile
- How to manage credentials for a shell script that uses AWS CLI?
- How to source AWS credentials profile from .aws/credentials for aws cli
- How can i switch AWS credentials easily in the terminal?
- How to run aws cli commands as a specific user?
- Where can I find a profile name in AWS for credentials file?
- AWS CLI using Instance Profile Credentials