How can I configure a temporary AWS-CLI user if I already have a default user in the .aws/ path ??? if I could create a temp user, I could test my task without interfering default user !!
CodePudding user response:
You can use profile as below:
$ aws ec2 describe-instances --profile user1
Have a look at the aws documentation here
CodePudding user response:
You can add temp user as follows:
export AWS_ACCESS_KEY_ID=<your AWS_ACCESS_KEY_ID >
export AWS_SECRET_ACCESS_KEY=<your AWS_SECRET_ACCESS_KEY>
export AWS_REGION=<your AWS_REGION>
When you set these values, you will be able to see similar like these:
{
"Account": "2*********4",
"UserId": "A*****************V",
"Arn": "arn:aws:iam::275*******04:user/s3ba*****ser"
}
Once you are done, do the rest :
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
unset AWS_REGION
CodePudding user response:
You can use AWS CLI named profiles:
- Create a new profile called
temp, provide your temporary CLI user's credentials:
$ aws configure --profile temp
AWS Access Key ID [None]: xxxxxxxxxxxxx
AWS Secret Access Key [None]: yyyyyyyyyyyyy
Default region name [None]: eu-central-1
Default output format [None]: json
- Use the newly created profile:
$ aws s3 ls --profile temp
Specifying --profile temp with each AWS call is not that handy, so consider either of these:
- Specify a profile in an environment variable called
AWS_PROFILE:
$ export AWS_PROFILE=temp
$ aws s3 ls
$ export AWS_PROFILE=another-profile
$ aws s3 ls
- Use a profile switcher tool like awsp. With it switching profiles (users/roles) is as easy as:
$ awsp temp
$ aws s3 ls
$ awsp another-profile
$ awsho
$ aws s3 ls
The good thing about awsp is it supports auto-complete and you can easily switch between profiles even without memorizing your profile names. If you want to check the current profile, use:
$ awswho
Name Value Type Location
---- ----- ---- --------
profile temp env ['AWS_PROFILE', 'AWS_DEFAULT_PROFILE']
access_key ****************DHGY shared-credentials-file
secret_key ****************O2pq shared-credentials-file
region eu-central-1 config-file ~/.aws/config