Loading...
 
The AWS CLI supports named profiles stored in the config and credentials files.

AWS Creating Profiles

The AWS CLI supports named profiles stored in the config and credentials files. You can configure additional profiles by using aws configure with the --profile option or by adding entries to the config and credentials files.1

The principle of least privilege (PoLP; also known as the principle of least authority) is an important concept in computer security, promoting minimal user profile privileges on computers, based on users' job necessities. It can also be applied to processes on the computer; each system component or process should have the least authority necessary to perform its duties. This helps reduce the "attack surface" of the computer by eliminating unnecessary privileges that can result in network exploits and computer compromises.2

Setup a User

AWS Identity and Access Management (IAM) enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups and use permissions to allow and deny their access to AWS resources.3

Provide the user with the proper permissions required to complete command line task(s) as needed, see Controlling Access Using Policies

Store a User's Credentials

When creating profiles having both the AWS Access Key ID and AWS Secret Access Key are required.

Create Profiles
$ aws configure --profile myprofile1
$ aws configure --profile myprofile2

Usage Examples

Specifying Parameter Values for the AWS Command Line Interface

Specifying Parameter Values
$ aws --profile myprofile1 --region us-east-1 ec2 describe-volume


Filter Name is always lower case, see Supported Filters ec2-describe-instances

Supported Filters
$ aws --profile myprofile1 --region us-west-1 ec2 describe-instances --filters "Name=instance-type,Values=m1.small,m1.medium"


Controlling Command Output from the AWS Command Line Interface

Controlling Command Output
$ aws --profile myprofile1 --region us-west-1 ec2 describe-instances --query "Reservations[*].Instances[*].[Placement.AvailabilityZone, State.Name, InstanceId]"


Creates an Amazon EBS-backed AMI

Create Instance Image
$ aws --profile myprofile1 --region us-west-1 ec2 create-image --instance-id i-123456 --name "MyAMIName" --description "Some Description"

Last edited by MichaelAlber .
Page last modified on Sunday March 17, 2019 19:14:48 UTC.