1.7 KiB
Configuration
This tool uses boto3 under the hood which supports a number of different ways of providing your AWS credentials.
If you have an existing ~/.aws/config
or ~/.aws/credentials
file the tool will use that.
One way to create those files is using the aws configure
command, available if you first run pip install awscli
.
Alternatively, you can set the AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
environment variables before calling this tool.
You can also use the --access-key=
, --secret-key=
, --session-token
and --auth
options documented below.
Common command options
All of the s3-credentials
commands also accept the following options for authenticating against AWS:
--access-key
: AWS access key ID--secret-key
: AWS secret access key--session-token
: AWS session token--endpoint-url
: Custom endpoint URL--auth
: file (or-
for standard input) containing credentials to use
The file passed to --auth
can be either a JSON file or an INI file. JSON files should contain the following:
{
"AccessKeyId": "AKIAWXFXAIOZA5IR5PY4",
"SecretAccessKey": "g63..."
}
The JSON file can also optionally include a session token in a "SessionToken"
key.
The INI format variant of this file should look like this:
[default]
aws_access_key_id=AKIAWXFXAIOZNCR2ST7S
aws_secret_access_key=g63...
Any section headers will do - the tool will use the information from the first section it finds in the file which has a aws_access_key_id
key.
These auth file formats are the same as those that can be created using the create
command.