发表新帖
发表新帖

passing access and secret key aws cli

前端 未结
关注
11 927
旧巷少年郎
旧巷少年郎 2020-12-24 01:06

I am trying to embed access and secret key along with aws cli. e.g.

aws ec2 describe-instances --aws-access-key  --aws-secret-key
相关标签:
11条回答
  • 野趣味
    2020-12-24 01:45

    You can also use aws configure:

    $ aws configure
AWS Access Key ID [None]: xxxxxxxxxxxxxxxxxxxxxxxxx
AWS Secret Access Key [None]: xxxxxxxxxxxxxxxxxxxxxxxxx
    0 讨论(0)
  • 萌比男神i
    2020-12-24 01:47

    You can set credentials with:

    aws configure set aws_access_key_id <yourAccessKey>
aws configure set aws_secret_access_key <yourSecretKey>

    Verify your credentials with:

    aws sts get-caller-identity

    For more information on set command:

    aws configure set help

    General pattern is:

    aws <command> help
aws <command> <subcommand> help

    Note: Before overriding your credentials, you may want to keep a copy of it:

    aws configure get aws_access_key_id
aws configure get aws_secret_access_key
    0 讨论(0)
  • 轮回少年
    2020-12-24 01:49

    Summarizing the aws doc, there several ways to pass credentials to the command line. Please note that there are no command line options to pass in the the key and secret key directly. The "provider chain" is used instead.

    In my bash scripts, I often use environment variables. To add a tiny bit of security, I source a file containing the variables rather than putting them in the script. With named profiles, it's even easier.

    The provider chain is:

    1. command line options: specify region, output format, or profile
    2. Environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN
    3. The AWS credentials file – located at ~/.aws/credentials on Linux, macOS, or Unix, or at C:\Users\USERNAME .aws\credentials on Windows. This file can contain multiple named profiles in addition to a default profile.
    4. The CLI configuration file – typically located at ~/.aws/config on Linux, macOS, or Unix, or at C:\Users\USERNAME .aws\config on Windows. This file can contain a default profile, named profiles, and CLI specific configuration parameters for each.
    5. Container credentials – provided by Amazon Elastic Container Service on container instances when you assign a role to your task.
    6. Instance profile credentials – these credentials can be used on EC2 instances with an assigned instance role, and are delivered through the Amazon EC2 metadata service.
    0 讨论(0)
  • 闹比i
    2020-12-24 01:50

    Use the access key and id is not recommended as it will be stored in config file. Better approach is to create an IAM role and give required access which you need.

    0 讨论(0)
  • 遇见更好的自我
    2020-12-24 01:51

    You should store your credentials to ~/.aws/config file (or .aws/credentials)

    More info how to setup it http://docs.aws.amazon.com/cli/latest/reference/configure/index.html

    Also as alternative way you can create IAM role and certain policy and set it to you ec2 instance where you will use aws cli, then you won't need any credentials setup there

    0 讨论(0)
 看不清?
提交回复
热议问题