AWS account setup
  • AWS account setup
  • How to
    • How to log in to the AWS console
    • How to get credentials for working locally, e.g. the AWS CLI
    • How to select a role in the AWS CLI
    • How to get credentials for staff who aren't developers
  • Users, IAM roles, accounts, and so on
    • Introduction
    • What are our AWS accounts?
    • What is an initial role?
    • What are our standard roles?
  • Networking
    • Our VPC setup
Powered by GitBook
On this page
  1. How to

How to select a role in the AWS CLI

PreviousHow to get credentials for working locally, e.g. the AWS CLINextHow to get credentials for staff who aren't developers

Last updated 1 year ago

Once you have , you need to configure the roles you want to use in ~/.aws/credentials.

  1. Append the contents of to your ~/.aws/credentials file.

    This contains a list of , e.g. a profile for the read-only role in the platform account:

    [platform-read_only]
source_profile=default
role_arn=arn:aws:iam::760097843905:role/platform-read_only
region=eu-west-1

    The list is generated automatically by the create_account_role_config.py script.

  2. To select a role, pass the AWS_PROFILE environment variable with the name of the profile.

    For example, these S3 commands will run in the platform, catalogue, and workflow accounts, respectively:

    $ AWS_PROFILE=platform-read_only aws s3 ls

$ AWS_PROFILE=catalogue-developer aws s3 ls

$ AWS_PROFILE=workflow-admin aws s3 ls
CLI credentials
credentials.ini
named profiles