AWS CLI Profile Switching Made Easy
28 March, 2021
Why did i write this script?
I use the AWS CLI client a lot for work, where i constantly have to switch between different accounts.
I wrote this handy little Bash script that makes it easy to switch between profiles on the fly. No more setting environment variables or using the --profile
flag like a noob.
Script has been tested to work with Bash 5 on Ubuntu 20.04 and macOS Catalina (Version 10.15.7)
NOTE!
Edit 30.10.2022 - Use Awsume instead of this script.
The script
#!/bin/bash
# check args
if [[ $# -ne 1 ]]; then
echo "usage: aws-profile <profile name>"
echo "profiles can be defined in ~/.aws/credentials"
exit 0
else
# save original profile before exporting
original_profile=$(echo $AWS_DEFAULT_PROFILE)
export AWS_DEFAULT_PROFILE=${1}
fi
# Check if profile exists, revert if not
aws configure list
if [[ $? != 0 ]]; then
echo "aborting.."
export AWS_DEFAULT_PROFILE=${original_profile}
echo -e "\nDone"
else
echo -e "\nOK"
echo "switched to profile: ${1}"
fi
How it works
AWS CLI reads both the access and secret keys from environment variables AWS_ACCESS_KEY
and AWS_SECRET_ACCESS_KEY
respectfully.
Another way to supply the credentials is to create profiles in ~.aws/credentials
and point the AWS_DEFAULT_PROFILE
environment variable to one of them.
Here is a quick rundown on how the script works:
- Check the arguments. If there is not exactly one argument, print usage information and exit.
- Save whatever profile the user is currently using in case something goes wrong.
- Set the
AWS_DEFAULT_PROFILE
variable to whatever value we got as the argument - Run
aws configure list
and make sure exit code is 0, (success) then exit. - If exit code was not 0, revert to the profile the user was using before they ran the script.
How to use it
You need to have AWS CLI installed, this is left as an excercise to the reader. Make sure ~.aws/credentials
file exists, and if not then run
aws configure
or create it manually.
Example credentials file:
[default]
region = eu-north-1
AWS_ACCESS_KEY = foo
AWS_SECRET_ACCESS_KEY = bar
[client1]
region = eu-west-1
AWS_ACCESS_KEY = xyz
AWS_SECRET_ACCESS_KEY = asdfgh
All you need to do is configure your profiles there, and start using the script.
Bonus tip
Put the script in /usr/local/bin
and create a bash alias:
alias awsprofile="bash /usr/local/bin/aws_profile_switcher.sh"