Table of Contents
Overview
To manage multiple AWS keys on localhost, configure multiple profiles in the AWS CLI using the ~/.aws/config and ~/.aws/credentials files.
Step-by-step instructions
Obtain Access Keys:
Navigate to the AWS Management Console and create access keys for each AWS account you want to manage. Make sure to save both the Access Key ID and Secret Access Key for each account.
Configure AWS CLI Profiles:
Open your terminal and run the following command to configure a profile for each account:
aws configure –profile profile_name
Replace profile_name with a meaningful name for the profile (e.g., dev, prod). You will be prompted to enter the Access Key ID, Secret Access Key, region, and output format for that profile.
Edit Configuration Files:
The AWS CLI creates two files in your home directory:
~/.aws/credentials: This file contains your access keys.
~/.aws/config: This file contains configuration settings like the default region and output format.
You can manually edit these files to add or modify profiles. For example, your ~/.aws/credentials file might look like this:
[dev]
aws_access_key_id = YOUR_DEV_ACCESS_KEY
aws_secret_access_key = YOUR_DEV_SECRET_KEY
[prod]
aws_access_key_id = YOUR_PROD_ACCESS_KEY
aws_secret_access_key = YOUR_PROD_SECRET_KEY
And your ~/.aws/config file might look like this:
[profile dev]
region = us-west-2
output = json
[profile prod]
region = us-east-1
output = json
Using the Profiles:
When running AWS CLI commands, specify the profile you want to use with the –profile flag. For example:
aws s3 ls –profile dev
If you set a default profile, you can run commands without specifying the –profile flag.
Environment Variables (Optional):
You can also set environment variables to temporarily override the profile settings. For example:
export AWS_PROFILE=dev
export AWS_DEFAULT_PROFILE=account1
aws s3 ls
This will set the dev profile as the active profile for your terminal session.
Best Practices
Security: Ensure that your ~/.aws/credentials file has appropriate permissions (e.g., chmod 600 ~/.aws/credentials) to prevent unauthorized access.
Key Rotation: Regularly rotate your access keys and remove any keys that are no longer in use to enhance security.
3
By following these steps, you can effectively manage multiple AWS keys on your localhost, allowing for seamless interaction with different AWS accounts and environments.
References
[1] https://bobbyhadz.com/blog/aws-cli-manage-multiple-accounts
[2] https://dev.to/pragnesh_patel/configuring-multiple-aws-cli-profiles-4el4
[3] https://devtoolhub.com/manually-setting-up-multiple-aws-accounts-for-cli/
[4] https://www.w3tutorials.net/blog/have-multiple-access-key-ids-aws-config-nodejs/
