Is there a way to export my AWS CLI profile to environment variables?

Question

Is there a way to export my AWS CLI profile to environment variables?

When working with some third-party tools, such as Terraform, it is not easy to specify an AWS CLI profile, and I like working with environment variables better than with profiles.

Is there a way for me to AWS CLI just export your current profile as an environment variable AWS_ACCESS_KEY_IDand AWS_SECRET_KEYin my session?

+13

amazon-web-services aws-cli

Naftuli Kay Nov 28 '16 at 19:42

source share

5 answers

aws configure get default.aws_access_key_id
aws configure get default.aws_secret_access_key

, , -

aws configure get aws_access_key_id --profile <new_profile>
aws configure get aws_secret_access_key --profile <new_profile>

, ,

export TF_VAR_access_key=`aws configure get default.aws_access_key_id`

+26

Frédéric Henri 28 . '16 20:27

Terraform CLI AWS: profile aws.

:

provider "aws" {
  profile = "my_profile"
}

, , :

export AWS_ACCESS_KEY_ID=$(aws configure get my_profile.aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(aws configure get my_profile.aws_secret_access_key)

, :

AWS_ACCESS_KEY_ID=$(aws configure get my_profile.aws_access_key_id) \
AWS_SECRET_ACCESS_KEY=$(aws configure get my_profile.aws_secret_access_key) \
./script.sh

" "

, role_arn, , ( ).

:

read AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN <<< \
   $(aws sts assume-role                                           \
     --role-arn $(aws configure get my_profile.role_arn)           \
     --role-session-name my_profile_session --output text |        \
     awk '/^CREDENTIALS/ { print $2, $4, $5 }')

+6

Enrico M. 07 . '18 23:50

Kay script, , :

PROFILES=$(awk -F"\\\]|\\\[" '/^\[/{print $2}' ~/.aws/credentials)

select PROFILE in $PROFILES; do
  export AWS_ACCESS_KEY_ID="$(aws configure get aws_access_key_id --profile $PROFILE)"
  export AWS_SECRET_ACCESS_KEY="$(aws configure get aws_secret_access_key --profile $PROFILE)"
  export AWS_DEFAULT_REGION="$(aws configure get region --profile $PROFILE)"
  break
done

echo AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
echo AWS_SECRET_ACCESS_KEY=$(echo $AWS_SECRET_ACCESS_KEY|tr '[:print:]' '*')
echo AWS_DEFAULT_REGION=$AWS_DEFAULT_REGION

, source (.) .

+1

AXE-Labs 30 . '17 21:47

( ). script python3, boto3, . .

#!/usr/bin/env python3

# export the AWS environment for a given profile

import boto3
import argparse

parser = argparse.ArgumentParser(prog="exportaws",
    description="Extract AWS credentials for a profile as env variables.")
parser.add_argument("profile", help="profile name in ~/.aws/config.")
args = parser.parse_args()
creds = boto3.session.Session(profile_name=args.profile).get_credentials()
print(f'export AWS_ACCESS_KEY={creds.access_key}')
print(f'export AWS_SECRET_ACCESS_KEY={creds.secret_key}')
print(f'export AWS_SESSION_TOKEN={creds.token}')

+1

Tom Bortels 22 . '18 20:00

Naftuli Kay · Accepted Answer · 2016-11-29T19:34:11+0000

There used to be no way , but now there is.

I wrote a script for this aws-env:

usage: aws-env [-h] [-n] profile

Extract AWS credentials for a given profile as environment variables.

positional arguments:
  profile          The profile in ~/.aws/credentials to extract credentials
                   for.

optional arguments:
  -h, --help       show this help message and exit
  -n, --no-export  Do not use export on the variables.

If you trust the output of this program, you can use it in your shell session to export variables of this profile:

$ aws-env profile-name
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_ACCESS_KEY=...
$ aws-env -n profile-name
AWS_ACCESS_KEY_ID=...
AWS_SECRET_ACCESS_KEY=...

, ( , , ;]):

$ echo $AWS_ACCESS_KEY_ID

$ $(aws-env profile-name)
$ echo $AWS_ACCESS_KEY_ID
AKJHC...

Is there a way to export my AWS CLI profile to environment variables?

" "

More articles: