Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to login with AWS CLI using credentials profiles

Tags:

authentication

command-line-interface

amazon-web-services

aws-cli

amazon-ecr

I want to setup multiple AWS profiles so that I can easily change settings and credentials when jumping between projects.

I've read the AWS documentation but it's quite vague about how to select what profile you want to use when logging in.

When I'm trying to login it's just giving me this error which seems to indicate that it's not picking up any credentials.

An error occurred (UnrecognizedClientException) when calling the GetAuthorizationToken operation: The security token included in the request is invalid.

like image 594
Janne Annala Avatar asked May 29 '17 13:05

Janne Annala

People also ask

How do I change AWS profiles in CLI?

To switch between different AWS accounts, set the AWS_profile environment variable at the command line via export AWS_PROFILE=profile_name . Setting the env variable changes the default profile until the end of your shell session or until you set the variable to a different value.

Where does AWS CLI look for credentials?

The credentials file is located at ~/. aws/credentials on Linux or macOS, or at C:\Users\ USERNAME \. aws\credentials on Windows. This file can contain the credential details for the default profile and any named profiles.

How do I verify AWS CLI credentials?

To validate a user's credentials with the AWS CLI, run the sts get-caller-identity command. The command returns details about the user's credentials if they are valid, otherwise it throws an error.

2 Answers

To setup multiple profiles for AWS login you need to the following:

  1. Setup the credentials file with your access keys
  2. Setup default settings for profiles (optional)
  3. Set the AWS_PROFILE environment variable
  4. Remove previous AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

1: ~/.aws/credentials

[default]
aws_access_key_id =
aws_secret_access_key =

[cat]
aws_access_key_id = XXXX
aws_secret_access_key = XXXXXXXXXXXX

[dog]
aws_access_key_id = XXXX
aws_secret_access_key = XXXXXXXXXXXX

2: ~/.aws/config

[default]
region = eu-central-1

[profile cat]
region = us-west-2

[profile dog]
region = ap-northeast-1

3. Select profile

The selected profile is determined by the $AWS_PROFILE environment variable. In bash this could be done in ~\.bash_profile by adding a line export AWS_PROFILE="cat". To switch profiles in the current terminal, type AWS_PROFILE=dog.

4. Remove global settings

You also need to make sure that the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are not set because the aws-cli will give priority to those variables over profiles.

Running

You can then login to the AWS service of your choice. To see what profile is currently in use echo $AWS_PROFILE. Example command for ECR login would be $(aws ecr get-login)

Debugging

If you're still having problems you can add the --debug flag to see what credentials it's using for the command.

like image 135
Janne Annala Avatar answered Sep 18 '22 23:09

Janne Annala

For me although I setup everything is above, I have older aws cli version is causing this issue.

$ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
$ unzip awscli-bundle.zip
$ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

By applying above commands it resolves my issue.

like image 28
Jackson Avatar answered Sep 18 '22 23:09

Jackson
Sign in to Comment

Related questions

AWS - EBS Attached But Can't Find On Instance
Status Code 403: SignatureDoesNotMatch when I am using Amazon SES
No such file or directory(public/assets/manifest*)
Amazon SNS: "Platform credentials are invalid" when re-entering a GCM API key that previously worked
PHP AWS SDK throwing unknown error
Static content for AWS EC2 with IAM role
How do I setup and use Laravel Scheduling on AWS Elastic Beanstalk?
How can I get query strings in my Amazon S3 static website?
AWS Elastic Beanstalk: Running Cron.d script, missing Environment Variables
AWS Code Deploy Error on Before Install Cannot Solve
AWS Glue takes a long time to finish
How to upgrade ruby version in Amazon Linux system?
Merging files on AWS S3 (Using Apache Camel)
How are consumed read capacity units calculated in DynamoDB query
How to convert PEM file to PPK using PuTTYgen in Ubuntu [closed]
Amazon S3 triggering another a Lambda function in another account
copy data from s3 to local with prefix
AWS CodeCommit - fatal: repository 'https://git-codecommit.us-east-1..' not found
AWS ec2 en_US.UTF-8 issue
I can't find my Web app when I SSH to my AWS Elastic Beanstalk instance

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!