Set AWS Profile in PowerShell is not working

Question

I've set AWS Profile in Powershell and when I run get EC2 instance it is still picking up EC2 instance Role instead of the Profile I've set:

Name	Value
Profile	ADMIN-1122333445566
Instance Details to be fetched	i-abcxyz
Region of Instance to be fetched	eu-west-1
Instance Which I'm running the commands from	i-786456xyz
Account which I'm running the commands from	9988776655

PowerShell 7.4.1

PS /home/admin> $env:AWS_PROFILE="ADMIN-1122333445566"

PS /home/admin> aws configure list

Name	Value	Type	Location
profile	ADMIN-1122333445566	env	['AWS_PROFILE', 'AWS_DEFAULT_PROFILE']
access_key	********************	sso
secret_key	********************	sso
region	us-east-1	imds

PS /home/admin> Get-EC2Instance -InstanceId i-abcxyz -region eu-west-1

Get-EC2Instance: You are not authorized to perform this operation. User: arn:aws:sts::9988776655:assumed-role/user-devops/i-786456xyz is not authorized to perform: ec2:DescribeInstances because no identity-based policy allows the ec2:DescribeInstances action

PS /home/admin> Write-Output $env:AWS_PROFILE

ADMIN-1122333445566

PS /home/admin> aws ec2 describe-instances --instance-ids i-abcxyz --region eu-west-1

AWS CLI gives me the output. so somehow PowerShell is not picking up the Profile. I tried Get-STSCallerIdentity and it is showing the Instance Profile.

Is there anyway to force my PowerShell Session to use the AWS Profile instead of Instance Role?

Answer 1

Seems that you need to use AWS Tool command to set a profile.

Set-AWSCredential -AccessKey <AccessKeyId> -SecretKey <SecretAccessKey> -ProfileName ADMIN-1122333445566

This will load the credentials contained in the specified profile and sets them active for all commands in the current shell. By default, AWS Tools for PowerShell stores these credentials in the AWS credentials file located at $HOME\.aws\credentials on Windows.