CODEWITHSUNDEEP
amazon-web-servicesaws-config
tbone
tbone

Reputation: 1322

Unable to load AWS credentials from ~/.aws/config and ~/.aws/credentials file

After typing aws configure list command in my project path, I get:

      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************skey              env    
secret_key     ****************tkey              env    
    region                <not set>             None    None

My ~/.aws/credentials and ~/.aws/config looks like below:

~/.aws/credentials

[default]
aws_access_key_id=xxx
aws_secret_access_key=xxx

~/.aws/config

[default]
region=us-east-1
output=json

I tried to set aws configure in the path of this project, but the only change is region:

      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************skey              env    
secret_key     ****************tkey              env    
    region               us-east-01      config-file    ~/.aws/config

Conclusion: even though ~/.aws/credentials and ~/.aws/config are correct and I tried to set them in the project path, it still doesn't read the credentials correctly. The only change was in the region because it was set to none; the rest is still read from env

How to unset these credentials and make them read from the above mentioned files (default user)?

I did it manually using unset:

unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY

After that, both the access key and the secret key read from the file:

      Name                    Value             Type     Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************AYX   shared-credentials-file    
secret_key     ****************vwT   shared-credentials-file    
    region               us-east-01      config-file    ~/.aws/config

I've tried to set the default profile using the command below and now it reads it as default but type is env - not the shared-credentials-file or ~/.aws/config or ~/.aws/credential file.

  export AWS_DEFAULT_PROFILE=default

It seems to work, but I don't think it's a valid solution...

Upvotes: 1

Views: 1022

Answers (1)

jarmod
jarmod

Reputation: 78573

The AWS CLI credentials and configuration settings take precedence in the following order:

  1. command line options (--region, --output, and --profile)
  2. environment variables
  3. CLI credentials file
  4. CLI config file
  5. container credentials
  6. EC2 instance profiles credentials

So, to force the AWSCLI to read the default configuration from the credentials/config files in ~/.aws/, don't supply --profile on the command line and don't have the AWS_PROFILE or AWS_ACCESS_KEY_ID environment variables set.

Read more at Configuration settings and precedence.

Also, I see no mention of AWS_DEFAULT_PROFILE at AWS CLI supported environment variables. I believe that it was deprecated some time ago in favor of AWS_PROFILE.

Upvotes: 2

Related Questions