There are times when we want to use multiple AWS accounts but still keep using the same computer. We may want to separate our work and personal accounts.
When you use aws configure
command you're actually setting the default profile. To set your second account you just need to edit your credentials:
sudo nano ~/.aws/credentials
And create a new profile (I named it Cuneyt)
[default]
aws_access_key_id = MY_WORK_ACCESS_KEY
aws_secret_access_key = MY_WORK_SECRET_KEY
[cuneyt]
aws_access_key_id= MY_PERSONAL_ACCESS_KEY
aws_secret_access_key= MY_PERSONAL_SECRET_KEY
For Windows users this file can be found under user's profile folder:
C:\Users\USER_NAME\.aws\credentials
You can also set the config file
sudo nano ~/.aws/config
[default]
region = us-west-2
[profile cuneyt]
region = us-east-1
Now we're all done with creating the settings but how are we going to switch to the one that we want? It depends on the API you want to use.
For the console we need to set this special environment variable called AWS_PROFILE
. If I want to user my personal (cuneyt) account I need to set this variable to it.
For Linux and Mac:
export AWS_PROFILE=cuneyt
for Windows:
set AWS_PROFILE=cuneyt
So next time I execute a command like below AWS will be using my personal credentials:
aws s3api list-buckets
But what do I do if I'm using NodeJS or Python etc. libraries?
If I create a credential using SharedIniFileCredentials and set it to AWS config my NodeJS code will be using my personal account
var credentials = new AWS.SharedIniFileCredentials({profile: 'cuneyt'});
AWS.config.credentials = credentials;
And that's pretty much it.