https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#the-shared-credentials-file
%UserProfile%/.aws [Windows]
~/.aws [Linux]
All these defaults can be changed too
aws configure [Command to add Secret Key/Access Key using command Line itself]
role_arn and either a source_profile or a credential_source.
- Shared Credentials File
- AWS CLI Conflig File
They both contain Access_Key and Secret_Key
while
The shared credentials file has a default location of ~/.aws/credentials.
You can change the location of the shared credentials file by setting the AWS_SHARED_CREDENTIALS_FILE environment variable.
The AWS CLI config file, which defaults to ~/.aws/config has the following format:
[default]
aws_access_key_id=foo
aws_secret_access_key=bar
region=us-west-2
Profiles that aren't the default profile are specified by creating a section titled "profile profilename":
[profile testing]
aws_access_key_id=foo
aws_secret_access_key=bar
region=us-west-2
aws_access_key_id, aws_secret_access_key, aws_session_token. These are the only supported values in the shared credential file. Also note that the section names are different than the AWS CLI config file (~/.aws/config). In the AWS CLI config file, you create a new profile by creating a section of [profile profile-name], for example:
[profile development]
aws_access_key_id=foo
aws_secret_access_key=bar
In the shared credentials file, profiles are not prefixed with profile, for example:
[development]
aws_access_key_id=foo
aws_secret_access_key=bar
Credentials specified in the shared credentials file have precedence over credentials in the AWS CLI config file
Shared Credentials File > Config File
Precedence
The above configuration values have the following precedence:
- Command line options
- Environment variables
- Configuration file
Credentials can be specified in several ways:
- Environment variables
- The AWS Shared Credential File
- The AWS CLI config file
No comments:
Post a Comment