I am new to aws and very new to linux. I created profiles in ~/.aws/config
[default]
[profile admin]
region = us-east-1
[profile serverless]
region = ap-southeast-1
[profile dev]
admin_access_key = blablabla
admin_secret_key = blablabla
But how do I delete them? using the command line or editing the file directly?
Just use your favorite text editor and delete the profile you do not need The profiles are delimited by the next profile. If you want to delete profile serverless.
[default]
[profile admin]
region = us-east-1
[profile dev]
admin_access_key = blablabla
admin_secret_key = blablabla
Related
I have a ~/.aws/config that looks something like this:
[default]
region = us-east-1
[profile foo]
region = us-east-1
[profile foo-iam-manager]
role_arn = arn:aws:iam::012345678984:role/iam-manager
source_profile = foo
[profile foo-secrets-manager]
role_arn = arn:aws:iam::012345678984:role/secrets-manager
source_profile = foo
If I run:
aws --profile foo-iam-manager iam list-roles
It works great!
But if I run:
aws --profile foo-secrets-manager secretsmanager list-secrets
Then it fails with:
You must specify a region. You can also configure your region by running "aws configure".
And indeed, if I update ~/.aws/config to look like...
[default]
region = us-east-1
[profile foo]
region = us-east-1
[profile foo-iam-manager]
role_arn = arn:aws:iam::012345678984:role/iam-manager
source_profile = foo
[profile foo-secrets-manager]
role_arn = arn:aws:iam::012345678984:role/secrets-manager
source_profile = foo
region = us-east-1
...then everything works. Why does the foo-iam-manager profile work
just fine without a region setting in the profile, but
foo-secrets-manager requires one? I thought it would pull the
appropriate value from the source_profile setting.
We have an AWS EC2 instance, where someone has removed the USER CREDIANTIALS.
So when we run the .aws/credentials we get a aws_access_key_id & aws_secret_access_key which doesn't exists anymore.
ubuntu#prod-ip-000:~$ cat .aws/credentials
[default]
aws_access_key_id = AKIASIY3TRVDD7QZXXXX
aws_secret_access_key = f7rA1eebxzdd61yP4vPTNql09FxgZZam/V5HxxXx
Now I have created another user and add their aws_access_key_id & aws_secret_access_key on the server by
export AWS_ACCESS_KEY_ID=AKIASIY3TRVDCDXXXXXX
export AWS_SECRET_ACCESS_KEY=cgGjUlh5FDPLpUVBBK5Rl8jlWKV6Iv4NrXXXXXX
After that when I run cat .aws/credentials again it still show me the previous user crediantials.
ubuntu#prod-ip-000:~$ cat .aws/credentials
[default]
aws_access_key_id = AKIASIY3TRVDD7QZXXXX
aws_secret_access_key = f7rA1eebxzdd61yP4vPTNql09FxgZZam/V5HxxXx
Does anyone know how can I change the Crediantials of the Old one with the new user's credentials?
Go to the .aws/credetials file and use vim or nano to edit the file and replace the older credentials with your new credentials it will work.
For AWS CLI configuration and credentials files how do you connect the entries in these files? It is like my credentials work, but my config file does not, though the default profile works.
I am presently getting an error: You must specify a region. You can also configure your region by running "aws configure" when running something like:
aws ec2 describe-instances --profile devenv
However if I run the command:
aws s3api list-buckets --profile devenv
then I get a sensible response, a list of buckets.
Here are the credentials and config files:
~/.aws/credentials
[default]
aws_access_key_id = AAAAAAAAAA
aws_secret_access_key = BBBBBBBBBB
[devenv]
aws_access_key_id = CCCCCCCCCC
aws_secret_access_key = DDDDDDDDDD
[testenv]
aws_access_key_id = EEEEEEEEEE
aws_secret_access_key = FFFFFFFFFF
~/.aws/config
[default]
region = us-east-1
output = json
[devenv]
region = us-west-2
output = json
[testenv]
region = us-east-2
output = json
The problem here is the attention paid to constructing the ~/.aws/config file.
The "default" entry does not need to be prefaced by the word "profile". The non-default entries need a "profile" prefix. Because the default doesn't require the word "profile," while it works, manually constructed, or built using the aws configure command, it is not a model for the format the other entries require.
~/.aws/config
[default]
region = us-east-1
output = json
[profile devenv]
region = us-west-2
output = json
[profile testenv]
region = us-east-2
output = json
This is content of my "config" file:
[default]
region = us-west-1
output = json
[profile reader]
region = region=us-west-1
output = json
[profile writer]
region = region=us-west-1
output = json
This is content of my "credentials" file
[default]
aws_access_key_id = .....................J6O
aws_secret_access_key = .................PNM/a
[reader]
aws_access_key_id = .....................PPF
aws_secret_access_key = .................iPQ46
[writer]
aws_access_key_id = .....................J6O
aws_secret_access_key = .................PNM/a
This is command I use in AWS CLI:
C:\Users\Evgeni\.aws>aws s3 mb s3://rofl.easy-breezy.kek --profile=writer
When I try to run it, I have this error:
Invalid endpoint: https://s3.region=us-west-1.amazonaws.com
But if I run it with specified --region parameter - it works fine:
C:\Users\Evgeni\.aws>aws s3 mb s3://yewfy.topkek.azaza44666 --profile=writer --region=us-west-1
make_bucket: yewfy.topkek.azaza44666
What am I doing wrong?
your config file says
region = region=us-west-1
in two places. remove the extra region= from those lines
You have typo in the config:
region = region=us-west-1
For AWS CLI configuration and credentials files how do you comment out lines in these files - I checked the documentation here http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-config-files but found nothing.
e.g.
~/.aws/credentials
[default]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = YYYYYYYY
[qa]
aws_access_key_id = AAAAAAAAA
aws_secret_access_key = BBBBBB
~/.aws/config
[default]
region = us-east-1
[profile qa]
region = us-west-2
[profile staging]
region = us-east-2
You can comment lines by using the # character, e.g.
[default]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = YYYYYYYY
#[qa]
#aws_access_key_id = AAAAAAAAA
#aws_secret_access_key = BBBBBB