AWS CLI
- As a Cloud Engineer, We are expected to work on multiple AWS Accounts from CLI
- Lets see How to configure one AWS CLI with Access Key and Secret Key
- Note: Please follow classroom video for your system setup of AWS CLI
- Problem: You are working for 3 projects with 3 different aws accounts as 3 different iam users.
- Solution: AWS CLI supports profiles
AWS CLI Configuration
- When we use
aws configure and enter credentials aws cli stores in your HOME-DIR\.aws\credentials
-
Lets create 3 profiles Refer Here for the steps to create Named profiles
-
First in
~/.aws/config add profiles and their default regions
[default]
region = us-east-1
[profile admin]
region = us-east-1
[profile developer]
region = us-east-1
[profile qa]
region = us-east-1
- Now
~/.aws/credentials add secretkey and access keys
[default]
aws_access_key_id = AKIAZ4ECZC3PJ2RPEJHQ
aws_secret_access_key = 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
[admin]
aws_access_key_id = AKIAZ4ECZC3PJ2RPEJHQ
aws_secret_access_key = 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
[developer]
aws_access_key_id = AKIAZ4ECZC3PDQFJMHFH
aws_secret_access_key = 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
[qa]
aws_access_key_id = AKIAZ4ECZC3PCSJVGIU6
aws_secret_access_key = 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
-
Now execute aws commands with profile argument
-
Verify the profiles by creating 2 different users. One user with ec2 full access policy and other with ec2 read only
aws ec2 start-instances --instance-ids "<id>"
aws ec2 stop-instances --instance-ids "<id>"
aws ec2 terminate-instances --instance-ids "<id>"
aws ec2 describe-instances
Like this:
Like Loading...
