AWS - Creating additional profile - why, how & its usage with terraform
- Subhabrata Datta
- Jun 14, 2020
- 2 min read
Updated: Jun 16, 2020
Why Create an additional AWS profile? How to Create an AWS profile? Verifying if the AWS profile has been configured properly ? How to use an AWS profile in terraform code ?
Ø Why Create an additional AWS profile?
Key and Secret key are required to access our AWS account (both root user and IAM user) using code or any program. An AWS profile contains these details (and additional info) which is used by the AWS CLI command to login into AWS as the root user/IAM user.
Configuring an additional AWS profile is recommended so that we don’t need to write our root user or IAM user key & secret key in our terraform code & we can can pass these details by using the profile. And this is a good practice from security perspective for obvious reasons.
Also configuring multiple AWS profiles is required if we want to use different AWS users for our project.
Ø How to Create an AWS profile?
[ Pre-requisite: You need to have AWS CLI installed on your pc, to use the AWS commands. If you are using windows here is the link to download AWS CLI https://awscli.amazonaws.com/AWSCLIV2.msi . AWS CLI is regularly updated and you can check for future updates on https://github.com/aws/aws-cli/releases .
If you are not using windows please go to https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-windows.html ]
Following command have been used to configure the profile named fiero using AWS CLI
aws configure --profile fiero 
Provide the Access Key ID & AWS Secret Access key of the IAM user you want to use for accessing various AWS services.
(You will get these details only one time, when you create an IAM user. I have used an IAM user which I created earlier with Poweruser access i.e. it has all accesses except Billing Dashboard & IAM).
Now we can use this profile in our terraform code to pass the values of key, secret key.
Ø Verifying if the AWS profile has been configured properly ?
We can check if our profile has been configured properly by checking out if we are getting proper output of aws command with option --profile e.g.
aws ec2 describe-instance --profile fiero
Ø How to use an AWS profile in terraform code ?
We need to input the profile name inside provider block in the terraform code as shown below
provider "aws" {
region = "ap-south-1"
profile = "fiero"
}
Comments