Using multiple IAM Accounts through AWS CLI tool

27 / Feb / 2014 by ravi 0 comments

AWS CLI tool allows you to switch between multiple IAM accounts. This becomes very handy while you are writing a script that involves multiple IAM user accounts.

Prerequisites :

AWS CLI tool

Configuring Multiple Accounts:

When you configure your AWS CLI tool, a configuration file gets created at ~/.aws/config in Linux/Unix or at C:\Users\USERNAME\.aws\config , which looks like:

[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
aws_security_token=texample123324

This has a default profile , that gets created when you run “ aws configure “

Now to create multiple profiles , append the following to your aws configuration file ( ~/.aws/config ) :

[profile test-user]
aws_access_key_id=AKIAI44QH8DHBEXAMPLE
aws_secret_access_key=je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY
region=us-west-2

Note that you need to append the string “profile“ before the profile name .

Now , whenever you want to use this user , you have to invoke the AWS command with the --profile command line parameter or else you can set the environment variable AWS_DEFAULT_PROFILE . If this variable does not specify a profile, the AWS CLI uses the profile named default.

Example:

aws s3 ls –profile test-user
aws s3 ls –profile default

Miscellaneous Tips

Auto Completion :
To enable auto completion for you AWS CLI , add the below line in your /etc/bashrc file :

complete -C aws_completer aws

Configuring the command output :
By default the output of the AWS CLI is json, but it also supports other formats like table and text. To change the default output you can either

  • Configure the default format in config file :
[default]
output = text
  • Use the –output option with the AWS CLI command
aws ec2 describe-instances --output table

Tag -

aws aws cli
FOUND THIS USEFUL? SHARE IT

Leave a comment -