[英]how to update aws keys in ~/.aws/credentials file for a profile using cli?
So I am under a security protocol which goes like this所以我在一个像这样的安全协议下
aws sts assume-role $PROJECT_IAM_ROLE_ARN --role-session-name $DUMMY_SESSION_NAME --profile $DESIRED_AWS_PROFILE > temp_credentials_file.json
现在对于不同的项目,允许这些本地 aws 配置文件使用命令aws sts assume-role $PROJECT_IAM_ROLE_ARN --role-session-name $DUMMY_SESSION_NAME --profile $DESIRED_AWS_PROFILE > temp_credentials_file.json
承担项目 IAM aws sts assume-role $PROJECT_IAM_ROLE_ARN --role-session-name $DUMMY_SESSION_NAME --profile $DESIRED_AWS_PROFILE > temp_credentials_file.json
{
"AssumedRoleUser": {
"AssumedRoleId": "dummy_aasume_role_id:DUMMY_SESSION_NAME_VALUE",
"Arn": "PROJECT_IAM_ROLE_ARN/DUMMY_SESSION_NAME_VALUE"
},
"Credentials": {
"SecretAccessKey": "dummy_SecretAccessKey",
"SessionToken": "dummy_SessionToken",
"Expiration": "_some_time_stamp",
"AccessKeyId": "dummy_AccessKeyId"
}
}
[profile_1]
aws_access_key_id = dummy_access_key_id_profile_1
aws_secret_access_key = dummy_aws_secret_access_key_profile_1
region = dummy_region_profile_1
aws_session_token = dummy_aws_session_token_profile_1
[profile_2]
aws_access_key_id = dummy_access_key_id_profile_2
aws_secret_access_key = dummy_aws_secret_access_key_profile_2
region = dummy_region_profile_2
aws_session_token = dummy_aws_session_token_profile_2
[profile_3]
aws_access_key_id = dummy_access_key_id_profile_3
aws_secret_access_key = dummy_aws_secret_access_key_profile_3
region = dummy_region_profile_3
aws_session_token = dummy_aws_session_token_profile_3
Now How do I read temp_credentials.json file , and set all 3 aws keys for any given profile in ~/.aws/credentials file via cli without affecting the other files现在如何读取 temp_credentials.json 文件,并通过 cli 为 ~/.aws/credentials 文件中的任何给定配置文件设置所有 3 个 aws 键,而不会影响其他文件
I have also tried我也试过
sudo aws configure set AccessKeyId dummy_value --profile profile_2
but it didn't work但它没有用
command goes successfully but content in ~/.aws/credentials file doesn't change命令成功执行,但 ~/.aws/credentials 文件中的内容没有改变
it should be something like:它应该是这样的:
aws configure set aws_access_key_id dummy_access_key_id_profile_1 --profile profile_1
aws configure set aws_secret_access_key dummy_aws_secret_access_key_profile_1 --profile profile_1
Names of the variables need to match these, supported by the configuration.变量的名称需要匹配这些,由配置支持。 In your example set AccessKeyId
attempts to set an invalid variable.在您的示例中, set AccessKeyId
尝试设置无效变量。 It need to be changed to set aws_access_key_id
需要更改以set aws_access_key_id
https://docs.aws.amazon.com/cli/latest/reference/configure/set.html https://docs.aws.amazon.com/cli/latest/reference/configure/set.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.