Including a task profile to your CLI configuration to entry a number of environments
While you run an AWS CLI script you could get an error telling you {that a} profile doesn’t exist.
Which means your script is anticipating to run utilizing a particular set of credentials which have entry to explicit sources.
You may need to arrange completely different profiles and have the opportunity change between them to entry issues that require completely different units of permissions when making calls utilizing the AWS CLI. That’s what named profiles are for:
The straightforward method so as to add a set of credentials for a task profile utilizing AWS KMS keys can be to run this command.
aws configure --profile your_profile_name
You may be prompted to your AWS KMS entry key id and secret entry key.
You too can assume an AWS position as a substitute of placing your credentials on the AMI. Positively do this if you’re not imposing MFA. Nevertheless anybody with entry to the host can nonetheless leverage the credentials on the host similar to they’ll use the keys. In actual fact, the rotating credentials utilized by the position are similar to developer entry keys.
You may apply extra permissions by imposing MFA:
As well as, you may leverage an exterior ID to get across the “confused deputy” drawback for extra safety.
Configuring your AWS CLI profile for MFA and an Exterior ID:
If this helped you otherwise you had this drawback, please clap!
Teri Radichel — Comply with me @teriradichel on Twitter
© 2nd Sight Lab 2022
____________________________________________
About this weblog:
Need to be taught extra about Cybersecurity and Cloud Safety? Take a look at: Cybersecurity for Executives within the Age of Cloud on Amazon
Want Cloud Safety Coaching? 2nd Sight Lab Cloud Safety Coaching
Is your cloud safe? Rent 2nd Sight Lab for a penetration take a look at or safety evaluation.
Have a Cybersecurity or Cloud Safety Query? Ask Teri Radichel by scheduling a name with IANS Analysis.
Cybersecurity & Cloud Safety Sources by Teri Radichel: Cybersecurity and Cloud safety courses, articles, white papers, shows, and podcasts
