I work with many different AWS IAM Accounts and need to easily switch between these accounts. The good news is the AWS CLI tools now support a standard config file (~/.aws/config) that allows you to create profiles for multiple accounts in the one config file. You can select them when using the aws-cli with the --profile flag.
But many other tools don’t yet support the new format config file or multi-profiles. But they do support shell environment variables. So I wrote a simple ruby script that
- Allows you to specify the profile name as an argument
- Reads in the config file ~/.aws/config
- Outputs the export statements for publishing the environment variables
- You can eval the output to set the environment of your current shell session
So if you had a config file ~/.aws/config that looked like this:
[default] aws_access_key_id=AKI***********2A aws_secret_access_key=jt41************************************p region=us-east-1 [profile foo] aws_access_key_id=0K***************K82 aws_secret_access_key=2b+***********************************1g region=us-east-1 [profile bar] aws_access_key_id=AKI**************GA aws_secret_access_key=MG************************************/d region=us-east-1
If you don’t specify any argument to the command it will output the default profile:
$ aws_switch export AWS_ACCESS_KEY_ID=AKI***********2A export AWS_SECRET_ACCESS_KEY=jt41************************************p export AMAZON_ACCESS_KEY_ID=AKI***********2A export AMAZON_SECRET_ACCESS_KEY=jt41************************************p export AWS_ACCESS_KEY=AKI***********2A export AWS_SECRET_KEY=jt41************************************p
If you specified a profile (in this case foo):
$ aws_switch foo export AWS_ACCESS_KEY_ID=0K***************K82 export AWS_SECRET_ACCESS_KEY=2b+***********************************1g export AMAZON_ACCESS_KEY_ID=0K***************K82 export AMAZON_SECRET_ACCESS_KEY=2b+***********************************1g export AWS_ACCESS_KEY=0K***************K82 export AWS_SECRET_KEY=2b+***********************************1g
You would actually use it by eval’ing the output of aws_switch so it sets the variables in the environment of yhour current shell:
eval `aws_switch foo`
Here’s the code for aws_switch. Put it in someplace in your $PATH and make sure to chmod 0755 the file so its executable:
#!/usr/bin/env ruby
require 'inifile'
configs = IniFile.load(File.join(File.expand_path('~'), '.aws', 'config'))
profile_name_input = ARGV[0]
case profile_name_input
when 'default'
profile_name = 'default'
when nil
profile_name = 'default'
when ""
profile_name = 'default'
else
profile_name = "profile #{profile_name_input}"
end
id = configs[profile_name]['aws_access_key_id']
key = configs[profile_name]['aws_secret_access_key']
puts "export AWS_ACCESS_KEY_ID=#{id}"
puts "export AWS_SECRET_ACCESS_KEY=#{key}"
puts "export AMAZON_ACCESS_KEY_ID=#{id}"
puts "export AMAZON_SECRET_ACCESS_KEY=#{key}"
puts "export AWS_ACCESS_KEY=#{id}"
puts "export AWS_SECRET_KEY=#{key}"
