Change AWS EC2 instance aws_access_key_id & aws_secret_access_key - amazon-web-services

We have an AWS EC2 instance, where someone has removed the USER CREDIANTIALS.
So when we run the .aws/credentials we get a aws_access_key_id & aws_secret_access_key which doesn't exists anymore.
ubuntu#prod-ip-000:~$ cat .aws/credentials
[default]
aws_access_key_id = AKIASIY3TRVDD7QZXXXX
aws_secret_access_key = f7rA1eebxzdd61yP4vPTNql09FxgZZam/V5HxxXx
Now I have created another user and add their aws_access_key_id & aws_secret_access_key on the server by
export AWS_ACCESS_KEY_ID=AKIASIY3TRVDCDXXXXXX
export AWS_SECRET_ACCESS_KEY=cgGjUlh5FDPLpUVBBK5Rl8jlWKV6Iv4NrXXXXXX
After that when I run cat .aws/credentials again it still show me the previous user crediantials.
ubuntu#prod-ip-000:~$ cat .aws/credentials
[default]
aws_access_key_id = AKIASIY3TRVDD7QZXXXX
aws_secret_access_key = f7rA1eebxzdd61yP4vPTNql09FxgZZam/V5HxxXx
Does anyone know how can I change the Crediantials of the Old one with the new user's credentials?

Go to the .aws/credetials file and use vim or nano to edit the file and replace the older credentials with your new credentials it will work.

Related

aws configure list show me nothing

Assume I am on a Mac and I have a ~/.aws/config file:
[profile cicd]
region = us-west-2
output = json
[profile prod]
region = us-west-2
output = json
And also a ~/.aws/credentials file:
[cicd]
aws_access_key_id = 12345
aws_secret_access_key = 12345
[prod]
aws_access_key_id = 12345
aws_secret_access_key = 12345
If I run:
aws configure list
I get:
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key <not set> None None
secret_key <not set> None None
region <not set> None None
What have I done wrong?
Also, the company I work for has multiple AWS accounts. The cicd profile runs in one AWS account, and the prod runs in a different AWS account. A I supposed to record that fact in the AWS config files?
aws configure list just lists the current AWS credentials that you are using. It doesn't list all the available credentials you have configured on your system. The name of the command is really misleading.
It is currently showing that you have no credentials configured, because you haven't done anything to specify that you want to use one of those profiles in your config/credential files.
If you did something to select a profile, like:
export AWS_PROFILE=cicd
Then you would see some details about that particular profile when you run aws configure list.

Why does the AWS CLI error "You must specify a region." occur when I have a region specified in the ~/.aws/config file?

For AWS CLI configuration and credentials files how do you connect the entries in these files? It is like my credentials work, but my config file does not, though the default profile works.
I am presently getting an error: You must specify a region. You can also configure your region by running "aws configure" when running something like:
aws ec2 describe-instances --profile devenv
However if I run the command:
aws s3api list-buckets --profile devenv
then I get a sensible response, a list of buckets.
Here are the credentials and config files:
~/.aws/credentials
[default]
aws_access_key_id = AAAAAAAAAA
aws_secret_access_key = BBBBBBBBBB
[devenv]
aws_access_key_id = CCCCCCCCCC
aws_secret_access_key = DDDDDDDDDD
[testenv]
aws_access_key_id = EEEEEEEEEE
aws_secret_access_key = FFFFFFFFFF
~/.aws/config
[default]
region = us-east-1
output = json
[devenv]
region = us-west-2
output = json
[testenv]
region = us-east-2
output = json
The problem here is the attention paid to constructing the ~/.aws/config file.
The "default" entry does not need to be prefaced by the word "profile". The non-default entries need a "profile" prefix. Because the default doesn't require the word "profile," while it works, manually constructed, or built using the aws configure command, it is not a model for the format the other entries require.
~/.aws/config
[default]
region = us-east-1
output = json
[profile devenv]
region = us-west-2
output = json
[profile testenv]
region = us-east-2
output = json

I'm not able to create bucket in Amazon S3 using AWS CLI

This is content of my "config" file:
[default]
region = us-west-1
output = json
[profile reader]
region = region=us-west-1
output = json
[profile writer]
region = region=us-west-1
output = json
This is content of my "credentials" file
[default]
aws_access_key_id = .....................J6O
aws_secret_access_key = .................PNM/a
[reader]
aws_access_key_id = .....................PPF
aws_secret_access_key = .................iPQ46
[writer]
aws_access_key_id = .....................J6O
aws_secret_access_key = .................PNM/a
This is command I use in AWS CLI:
C:\Users\Evgeni\.aws>aws s3 mb s3://rofl.easy-breezy.kek --profile=writer
When I try to run it, I have this error:
Invalid endpoint: https://s3.region=us-west-1.amazonaws.com
But if I run it with specified --region parameter - it works fine:
C:\Users\Evgeni\.aws>aws s3 mb s3://yewfy.topkek.azaza44666 --profile=writer --region=us-west-1
make_bucket: yewfy.topkek.azaza44666
What am I doing wrong?
your config file says
region = region=us-west-1
in two places. remove the extra region= from those lines
You have typo in the config:
region = region=us-west-1

how to delete a profile in ~/.aws/config file

I am new to aws and very new to linux. I created profiles in ~/.aws/config
[default]
[profile admin]
region = us-east-1
[profile serverless]
region = ap-southeast-1
[profile dev]
admin_access_key = blablabla
admin_secret_key = blablabla
But how do I delete them? using the command line or editing the file directly?
Just use your favorite text editor and delete the profile you do not need The profiles are delimited by the next profile. If you want to delete profile serverless.
[default]
[profile admin]
region = us-east-1
[profile dev]
admin_access_key = blablabla
admin_secret_key = blablabla

How do you comment out lines in AWS CLI config and credentials files?

For AWS CLI configuration and credentials files how do you comment out lines in these files - I checked the documentation here http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-config-files but found nothing.
e.g.
~/.aws/credentials
[default]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = YYYYYYYY
[qa]
aws_access_key_id = AAAAAAAAA
aws_secret_access_key = BBBBBB
~/.aws/config
[default]
region = us-east-1
[profile qa]
region = us-west-2
[profile staging]
region = us-east-2
You can comment lines by using the # character, e.g.
[default]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = YYYYYYYY
#[qa]
#aws_access_key_id = AAAAAAAAA
#aws_secret_access_key = BBBBBB