AWS - Using Named Profiles

Getting the Most of Named Profiles

The AWS CLI supports using any of multiple named profiles that are stored in the config and credentials files. You can configure additional profiles by using aws configure with the –profile option, or by adding entries to the config and credentials files.

The following example shows a credentials file with two profiles. The first is used when you run a CLI command with no profile. The second is used when you run a CLI command with the –profile user1 parameter.

~/.aws/credentials (Linux & Mac) or %USERPROFILE%\.aws\credentials (Windows)



Each profile can specify different credentials—perhaps from different IAM users—and can also specify different AWS Regions and output formats.

~/.aws/config (Linux & Mac) or %USERPROFILE%\.aws\config (Windows)


[profile user1]


The credentials file uses a different naming format than the CLI config file for named profiles. Include the prefix word “profile” only when configuring a named profile in the config file. Do not use the word profile when creating an entry in the credentials file. Using Profiles with the AWS CLI

To use a named profile, add the –profile profile-name option to your command. The following example lists all of your Amazon EC2 instances using the credentials and settings defined in the user1 profile from the previous example files.

$ aws ec2 describe-instances --profile user1

To use a named profile for multiple commands, you can avoid specifying the profile in every command by setting the AWS_PROFILE environment variable at the command line.

Linux or macOS

$ export AWS_PROFILE=user1

Setting the environment variable changes the default profile until the end of your shell session, or until you set the variable to a different value. You can make environment variables persistent across future sessions by putting them in your shell’s startup script. For more information, see Environment Variables To Configure the AWS CLI.

This is from the aws-cli documentation, which I highly recommend.