DEV Community

Max Borysov
Max Borysov

Posted on • Originally published at Medium

How to manage different AWS profiles

If you are using AWS tools, you probably know about IAM(Identity and Access Management). Generally, it makes it possible to separate uses/roles to manage different services.

The best practice: do not use the root account for daily tasks. Create different IAM roles with limited access instead.

For instance, you have three projects. Therefore, the best way would be to create three users: user1, user2, user3.

  • user1 can only manage S3
  • user2 can manage EC2 instances and Load Balancer
  • user3 can manage RDS

And you want to execute API calls to perform some actions.
Here is my favorite approach for that:

  1. create ~/.aws/credentials file
  2. add sections for each user/profile
[user1]
aws_access_key_id = xxx
aws_secret_access_key = xxx
[user2]
aws_access_key_id = xxx
aws_secret_access_key = xxx
[user3]
aws_access_key_id = xxx
aws_secret_access_key = xxx
Enter fullscreen mode Exit fullscreen mode
  1. run command with --profile param
aws rds create-db-instance --profile user1 ...
Enter fullscreen mode Exit fullscreen mode

Run these commands to see the configurations:

aws configure list
aws configure list --profile user1
cat ~/.aws/credentials
Enter fullscreen mode Exit fullscreen mode

You can also check these super helpful official articles.

Top comments (0)