Wednesday, June 23, 2021

AWS Configure : .aws : credentials : config :role_Arn : source_profile: credential_source

https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#the-shared-credentials-file


%UserProfile%/.aws                 [Windows]

~/.aws                                     [Linux]


All these defaults can be changed too


aws configure       [Command to add Secret Key/Access Key using command Line itself]


role_arn and either a source_profile or a credential_source.





  • Shared Credentials File
  • AWS CLI Conflig File

They both contain Access_Key and Secret_Key

"CLI Config File" - access/Secret Keys are specific to that role
while


The shared credentials file has a default location of ~/.aws/credentials. 

You can change the location of the shared credentials file by setting the AWS_SHARED_CREDENTIALS_FILE environment variable.



The AWS CLI config file, which defaults to ~/.aws/config has the following format:

[default]

aws_access_key_id=foo

aws_secret_access_key=bar

region=us-west-2

Profiles that aren't the default profile are specified by creating a section titled "profile profilename":

[profile testing]

aws_access_key_id=foo

aws_secret_access_key=bar

region=us-west-2



aws_access_key_id, aws_secret_access_key, aws_session_token. These are the only supported values in the shared credential file. Also note that the section names are different than the AWS CLI config file (~/.aws/config). In the AWS CLI config file, you create a new profile by creating a section of [profile profile-name], for example:


[profile development]

aws_access_key_id=foo

aws_secret_access_key=bar

In the shared credentials file, profiles are not prefixed with profile, for example:


[development]

aws_access_key_id=foo

aws_secret_access_key=bar





Credentials specified in the shared credentials file have precedence over credentials in the AWS CLI config file

Shared Credentials File > Config File




Precedence

The above configuration values have the following precedence:

  • Command line options
  • Environment variables
  • Configuration file



Credentials can be specified in several ways:

  • Environment variables
  • The AWS Shared Credential File
  • The AWS CLI config file

No comments:

Post a Comment

Azure - Pipeline - Add Approver for Stage

https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass