Devops basics: how to work with multiple AWS accounts using aws cli

D

It happens rather fast when the number of AWS accounts becomes grater then two. So question appears how to deal with such a situation, how to switch between multiple AWS accounts in a fast and convenient way? It is not so complicated. The answer is – we need to configure AWS named profiles. Below is a typical scenario for Linux systems. After installing and configuring aws-cli we are getting default aws profile. Lets assume that now we have to operate at second aws account which we will call “second-aws-account” – generally you may call it whatever you want :). To configure AWS profile we have to to 2 things:

1. Open ~/.aws/config file with some editor, e,g vim or nano, and add below [default] section new profile part, e.g:

[default]
region = eu-central-1

[profile second-aws-account] //Use the prefix "profile" here + profile name
region = eu-west-1
[default]
region = eu-central-1

[profile second-aws-account] //Use the prefix "profile" here + profile name
region = eu-west-1

2. Open ~/.aws/credentials file with some editor, e,g vim or nano, and add below [default] section credentials related to new profile:

[default]
aws_access_key_id=YOUR_ACCESS_KEY
aws_secret_access_key=YOUR_SECRET_ACCESS_KEY

[second-aws-account] // Do not use the prefix "profile" - only profile name
aws_access_key_id=YOUR_ACCESS_KEY
aws_secret_access_key=YOUR_SECRET_ACCESS_KEY
[default]
aws_access_key_id=YOUR_ACCESS_KEY
aws_secret_access_key=YOUR_SECRET_ACCESS_KEY

[second-aws-account] // Do not use the prefix "profile" - only profile name
aws_access_key_id=YOUR_ACCESS_KEY
aws_secret_access_key=YOUR_SECRET_ACCESS_KEY

Verify that the profile is successfully added by aws configure list-profiles. You should now see 2 profiles: default and second-aws-account. To see your current profile use aws configure list command or configure your bash prompt to display your active aws profile name, which is better option as for me 🙂

To switch between profiles use next commands e.g: export AWS_PROFILE=default or export AWS_PROFILE=second-aws-account

That’s all – now you can easily use multiple AWS accounts at one PC without any headache 🙂

architecture AWS cluster cyber-security devops devops-basics docker elasticsearch flask geo high availability java machine learning opensearch php programming languages python recommendation systems search systems spring boot symfony