Passing access and aws cli secret key

Question

Passing access and aws cli secret key

I am trying to inject access and private key with aws cli. eg.

aws ec2 describe-instances --aws-access-key <access_key> --aws-secret-key <secret_key>

The -o and -w options are also used to access the private key, respectively. It says: Unknown parameter aws-access-key and aws-secret-key

+24

aws-cli

user3089927 Apr 28 '15 at 0:04

source share

9 answers

Danh · Answer 1 · 2017-02-08T10:49:01+0000

You can provide keys on the command line through envars:

 AWS_ACCESS_KEY_ID=ABCD AWS_SECRET_ACCESS_KEY=EF1234 aws ec2 describe-instances

See http://docs.aws.amazon.com/cli/latest/topic/config-vars.html#credentials

EDIT: @wisbucky noted that this can leave secrets in the history of your team. One way to get around this in bash at least, I think, is to add the command to an empty space, and the command should not extend to your bash history.

ulubeyn · Answer 2 · 2018-09-13T10:29:43+0000

You can use it like that;

 aws configure set aws_access_key_id <yourAccessKey> aws configure set aws_secret_access_key <yourSecretKey>

For more information, use this;

 aws configure set help

General pattern:

 aws <command> help aws <command> <subcommand> help

Hope this helps!

Lhwizard · Answer 3 · 2018-08-16T13:53:39+0000

To summarize aws doc , there are several ways to pass credentials to the command line. Please note that there are no command line options for passing the key and private key directly. Instead, a "provider chain" is used.

In my bash scripts, I often use environment variables. To add a little security, I create a file containing the variables, and not put them in a script. With named profiles, this is even easier.

Supply Chain:

command line options: specify region, output format or profile
Environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN
AWS Credentials File - Located at ~ / .aws / credentials on Linux, macOS, or Unix, or at C: \ Users \ USERNAME.aws \ credentials on Windows. This file can contain several named profiles in addition to the default profile.
CLI configuration file - usually located in ~ / .aws / config on Linux, macOS or Unix, or in C: \ Users \ USERNAME.aws \ config on Windows. This file can contain a default profile, named profiles, and specific CLI configuration settings for each.
Container credentials - Provided by Amazon Elastic Container Service in container cases when you assign a role to your task.
Instance profile credentials — These credentials can be used in EC2 instances with the assigned instance role and delivered through the Amazon EC2 metadata service.

MaxNevermind · Answer 4 · 2017-07-04T06:37:58+0000

You can also use aws configure:

 $ aws configure AWS Access Key ID [None]: xxxxxxxxxxxxxxxxxxxxxxxxx AWS Secret Access Key [None]: xxxxxxxxxxxxxxxxxxxxxxxxx

Peycho dimitrov · Answer 5 · 2015-05-21T19:27:38+0000

It’s best and safest to use IAM roles. There you can set certain rights to this instance and access to it in your account.

Depending on which version of awscli you are using, you can use instance descriptions in several ways.

Like this:

 ec2din -O your-key -W your-secret-key --region your-region

There is also a big difference when you install awscli with pip installation or from pkg, such as the debug debug package.

ec2din - short command for ec2-describe-instance

Other examples here: ec2-describe instances

Sincerely.

costamatrix · Answer 6 · 2019-03-18T13:21:21+0000

I had to access multiple accounts on Amazon .... so my solution is:

in: ~ / .aws / config

[default] aws_access_key_id = xxxx aws_secret_access_key = xxxxxx region = sa-east-1 output = text
[profile prof1] region = us-east-1 output = text aws_access_key_id = yyy aws_secret_access_key = yyyyy
[profile prof2] region = us-east-1 output = text aws_access_key_id = wwwwww aws_secret_access_key = wwwww

..and then, when aws CLI was called, I passed the "--profile" parameter as:

/ usr / local / bin / aws ec2 describe-security-groups --group-ids sg-xxxx --profile prof2

...this is!

Evgeniy Kuzmin · Answer 7 · 2015-04-28T15:54:17+0000

You must save your credentials in the file ~ / .aws / config (or .aws / credentials)

Learn more about how to set it up. Http://docs.aws.amazon.com/cli/latest/reference/configure/index.html

Also, as an alternative way, you can create an IAM role and a specific policy and set it for your ec2 instance, where you will use aws cli, then you will not need any credential settings there.

Prashanth sams · Answer 8 · 2018-11-08T07:30:25+0000

To access aws through cli,

 aws configure

pacificgilly1992 · Answer 9 · 2019-09-06T15:41:48+0000

Another method is to use echo with aws configuration as a single line:

 echo -ne '%s\n%s\n%s\n%s\n' <access_key> <security_key> <region> <output> | aws configure

Passing access and aws cli secret key

More articles: