I work with a lot of different AWS accounts and am constantly switching between them. I recently hacked together a really simple Bash script to ease a bit of the pain of juggling multiple
AWS_SECRET_KEY environment variables. This allows me to do something like:
[[email protected] ~]$ aws rbn RBN is active. [[email protected] ~]$ ec2-describe-vpcs --headers Entity VpcID State CIDR Block DHCPOptionsID VPC vpc-f5958d9e available 192.168.1.0/24 dopt-3b0e2750 default VPC vpc-270e274c available 172.17.0.0/16 dopt-3b0e2750 default
Since shell scripts can’t affect the environment variables of the parent process, we need to use the
source command. But I want to minimize keystrokes, we wrap
source around a simple alias.
Caution! Be sure to properly set the permissions on the script since it contains sensitive security information:
chmod 700 ~/bin/aws.sh. I’d also recommend that a new set of access keys be created using a new IAM account rather than using the account-wide credentials. This makes it less painful if the keys ever need to be revoked and allows them to configured for read-only access to AWS resources.
Bonus tip: multiple accounts in the browser
Use Chrome’s Incognito Mode (Windows: Ctrl+Shift+N, OSX: Ctrl+Cmd+N) if you need to login to the AWS Management Console using different accounts simultaneously. LastPass is a great extension for securely keeping track of access credentials. At RightBrain Networks, we use LastPass Enterprise and Yubikeys for two-factor authentication which solves the problem of needing to email each other passwords.