Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AWS CLI config file vs. credentials file

Tags:

amazon-web-services

aws-cli

I understand the AWS CLI can make use of the config and credentials files for storing it's local profile configurations.

Does anyone know of any general guidance and or best practice with regards to what should go in each file?

like image 720
PicoutputCls Avatar asked Nov 03 '17 12:11

PicoutputCls

People also ask

What is the AWS credentials file?

The AWS CLI stores sensitive credential information that you specify with aws configure in a local file named credentials , in a folder named . aws in your home directory. The less sensitive configuration options that you specify with aws configure are stored in a local file named config , also stored in the .

What is AWS config file?

The shared AWS config and credentials files contain a set of profiles. A profile is a set of configuration values that can be referenced from the SDK/tool using its profile name. Configuration values are attached to a profile in order to configure some aspect of the SDK/tool when that profile is used.

Where does AWS config store credentials?

The credentials file is located at ~/. aws/credentials on Linux or macOS, or at C:\Users\ USERNAME \. aws\credentials on Windows. This file can contain the credential details for the default profile and any named profiles.

How do I get AWS CLI credentials?

While signed into the portal, choose the AWS Accounts icon to expand the list of accounts. Choose the AWS account from which you want to retrieve access credentials. Then, next to the IAM role name (for example Administrator), choose Command line or programmatic access.

1 Answers

The AWS documentation which covers the two files can be found under Configuration and Credential Files in the AWS CLI documentation.

To summarise:

  • The two files are distinct in order to enable the separation of credentials from less sensitive configuration information.
  • The credentials file is intended for storing just credential information for the configured profiles. (Currently limited to: aws_access_key_id, aws_secret_access_key and aws_session_token)
  • The config file is intended for storing non-sensitive configuration options for the configured profiles.
  • The config file can also be configured to contain any information which could also be stored in the credentials file.
  • In the case of conflicting credential information being specified for a profile in the config and credentials file, those in the credentials file will take precedence.
like image 193
PicoutputCls Avatar answered Sep 27 '22 21:09

PicoutputCls
Sign in to Comment

Related questions

AWS SSL security error : [curl] 60: SSL certificate prob...: unable to get local issuer certificate
AWS python lambda function:No module named requests
Making calls to AWS api gateway endpoint with api key using rest client POSTMAN
Amazon Elastic Beanstalk - Change Timezone
Docker push to AWS ECR private repo failing with malformed JSON
How to find AMI ID of CentOS 7 image in AWS Marketplace?
Deleting uploaded certificate from elastic load balancer
Parse stream to object in Nodejs
How to auto scale Amazon DynamoDB throughput?
How to allow my user to reset their password on Cognito User Pools?
AWS EC2 Elastic IPs bandwidth usage and charges
Backup: Amazon S3 or Glacier - lots of little files?
Lambda@Edge not logging on cloudfront request
How to generate a temporary url to upload file to Amazon S3 with boto library?
Inconsistent cache values using Zend Cache with AWS ElastiCache across multiple servers
AWS Your account is not ready for posting messages yet
Can AWS CodePipeline track multiple feature branches and run tests on each?
Properly catch boto3 Errors
AWS API Gateway: limit requests from a single IP
How to close Boto S3 connection?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!