DEV Community

Cover image for Configuring Multiple AWS CLI Profiles
Pragnesh Patel
Pragnesh Patel

Posted on

Configuring Multiple AWS CLI Profiles

#aws #awscli

Introduction

To manage multiple AWS accounts or environments, you can configure multiple profiles in the AWS CLI using the ~/.aws/config and ~/.aws/credentials files. This setup is useful for development, debugging, and managing separate environments (e.g., development and production) without needing to restart or recreate containers when introducing new configurations or credentials.

Solution

Follow these steps to set up two or more AWS CLI profiles:

1. Open AWS Configuration Files

  • Configuration file: Located at ~/.aws/config.
  • Credentials file: Located at ~/.aws/credentials.

2. Add Profiles in the Configuration File (~/.aws/config)

  • Add entries for each profile with unique names.
  • For example: 
[default]
region = us-east-1
output = json

[profile dev]
region = us-west-2
output = json

[profile prod]
region = ap-south-1
output = json
Enter fullscreen mode Exit fullscreen mode

3. Add Credentials in the Credentials File (~/.aws/credentials)

  • Each profile requires its own access key and secret access key: 
[default]
aws_access_key_id = YOUR_DEFAULT_ACCESS_KEY
aws_secret_access_key = YOUR_DEFAULT_SECRET_KEY

[dev]
aws_access_key_id = YOUR_DEV_ACCESS_KEY
aws_secret_access_key = YOUR_DEV_SECRET_KEY

[prod]
aws_access_key_id = YOUR_PROD_ACCESS_KEY
aws_secret_access_key = YOUR_PROD_SECRET_KEY
Enter fullscreen mode Exit fullscreen mode

4. Use the Profiles

  • Specify the desired profile when running AWS CLI commands with the –profile flag:

  • For the dev profile:

aws s3 ls –profile dev
Enter fullscreen mode Exit fullscreen mode
  • For the prod profile: 
aws s3 ls --profile prod
Enter fullscreen mode Exit fullscreen mode

5. (Optional) Set Environment Variables

  • To temporarily set a profile as the default, use the AWS_PROFILE environment variable: 
export AWS_PROFILE=dev
Enter fullscreen mode Exit fullscreen mode
  • Now, AWS CLI commands will use the dev profile without requiring the –profile flag.

Notes

  • Replace YOUR_DEFAULT_ACCESS_KEY, YOUR_DEV_ACCESS_KEY, YOUR_PROD_ACCESS_KEY, YOUR_DEFAULT_SECRET_KEY, YOUR_DEV_SECRET_KEY, and YOUR_PROD_SECRET_KEY with your actual AWS access keys and secret keys.
  • Ensure the ~/.aws/ directory and files have appropriate permissions (e.g., chmod 600 ~/.aws/credentials).
  • If you encounter issues, verify the file formats and ensure no extra spaces or incorrect syntax are present.

Top comments (0)