AWS CLI tools will create and use a default profile if not specified. What it means is that, a profile named default will be created if you don't specify a profile when configuring your AWS CLI tools and the default profile will be used if you don't specify any profile when executing your AWS CLI tools.

You can create and use multiple profiles for your AWS CLI tools by using --profile option when running the aws commands.

Steps to create multiple profiles on AWS CLI:

AWS calls this named profiles and you can create a named profile via these steps:

  1. Run aws configure with --profile option.
    $ aws configure --profile second_user
  2. Enter AWS Access Key ID for the new profile.
    AWS Access Key ID [None]: AKIAJF4JT25ZZYGCTTVA
  3. Enter AWS Secret Access Key for the new profile.
    AWS Secret Access Key [None]: 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
  4. Enter Default region name for the new profile.
    Default region name [None]:
  5. Enter Default output format for the new profile.
    Default output format [None]:

  6. Check configuration file if file is properly created.
    $ cat .aws/credentials
    aws_access_key_id = AKIAIPXU35JJQNVVMDOQ
    aws_secret_access_key = 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
    aws_access_key_id = AKIAJF4JT25ZZYGCTTVA
    aws_secret_access_key = N2ylUSpbR5cenv+0/YcuqdvOPtaOVsZrf0UY1TMA

Use multiple profiles on AWS CLI

Once configured, you can use the same --profile option in any of your aws commands to use your other profiles. Here's an example of using the profile configured in the above steps:

$ aws s3 ls --profile second_user

An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied

The IAM user configured for the profile does not have S3 access, so the error is expected.

Discuss the article:

Comment anonymously. Login not required.