How to configure IAM user on your Linux machine to manage AWS accounts?

To configure IAM user on awscli, you need to set the privilege by executing use the following command:

aws configure


Default output format:

$ aws configure
AWS Access Key ID [None]: AKIADFDGFGFGFGFGFGAMPLE
AWS Secret Access Key [None]: DiCYEXAMPLEKEYFDFDFDFDFDFDF/FDFDFD
Default region name [None]: us-west-2
Default output format [None]: json


The first two part is mandatory. You can find those details from the AWS IAM user section. Steps are mentioned below:

1. Open the IAM console.

2. In the navigation pane of the console, choose Users.

3. Choose your IAM user name.

4. Choose the Security credentials tab and then choose Create access key.

5. To see the new access key, choose Show. Your credentials will look something like this:

Access key ID: AKIADFDGFGFGFGFGFGAMPLE
Secret access key: DiCYEXAMPLEKEYFDFDFDFDFDFDF/FDFDFD


Is it possible to configure multiple IAM user on a single Linux machine?

Yes, it’s possible. You can configure multiple IAM user on one single Linux machine.


How to configure multiple IAM user on single Linux machine?

This can be done by executing the same command “aws configure” with –profile option. You can configure many IAM users using the same command. Please see the sample:

aws configure --profile user2
AWS Access Key ID [None]: AKIADDDDDFFFFXAMPLE
AWS Secret Access Key [None]: je7MSDSDSDS/2Zp9Utk/h3yCo8DMPLEKSDSDEY
Default region name [None]: us-east-1
Default output format [None]: text
aws configure --profile user3
AWS Access Key ID [None]: AKDFGEWCDDFFFDGTRE
AWS Secret Access Key [None]: je7MSDFDFGFGDSDS/2FGFGFGtk/h3yCFGFGFGKSDSDEY
Default region name [None]: us-east-1
Default output format [None]: json


How to use different IAM user profile with awscli command?

The same option –profile can use along with awscli command to manage different AWS services. Please see the example:

aws s3 ls 

test1
test2
test3
aws s3 ls --profile user2

test4
test5
test6


The first command uses the IAM profile one and list all the S3 buckets associated with that IAM user and the second command lists buckets of second IAM user.

Note: We consider those IAM users have permission to access S3 buckets of different AWS accounts.


How to check all the IAM user configured on your machine?

When you configure an IAM user on your machine, the details will be stored in the following location:

/root/.aws
[root@ip-172-31-53-249 .aws]# ll
total 8
-rw------- 1 root root  90 Feb 14 11:34 config
-rw------- 1 root root 344 Feb 14 11:34 credentials
[root@ip-14-4-44 .aws]# cat config
[default]
region = ap-southeast-1
[profile user2]
region = ap-southeast-1
[profile user3]
[root@ip-172-31-53-249 .aws]# cat credentials 
[default]
aws_access_key_id = AKI1111111RSLOA
aws_secret_access_key = Lf9IJW11111111111KToLTJKToPl
[user2]
aws_access_key_id = AKIA2222222RSLOA
aws_secret_access_key = Lf9IJW+22222222222oLTJKToPl
[user3]
aws_access_key_id = AKIAI33333333DZBA
aws_secret_access_key = FDVawY33333333333M17mvQ2HeX
 

The file credentials store Access key and Secret key.

Was this answer helpful? 0 Users Found This Useful (0 Votes)