Some libraries use legacy credentials to authenticate AWS accounts
Granted can populate those values from SSO sessions.
If you don't have ~/.aws/config with your profile configs already, create one...
sso newTo find details for filling your account config:
- Login to AWS in the browser (e.g. through Okta tile) to review your available SSO accounts.
- Select "Access Keys" for the account you're setting up to see Start URL and Region settings.
- Choose a short session/profile name e.g.
devfor your team dev account - Use
JSONas default output
See docs for more details on AWS SSO configuration files.
You'll need to do that once per profile to create the local config.
Tip
Give profiles a simple name like dev, staging or production.
The command is an alias for aws configure sso but also unsets active profile so configs don't
apply to the wrong one.
Switch into the desired profile, for example dev:
sso devYour prompt should now show the active session, e.g. ~/Code on ☁️ dev (us-east-1)
Try the following to confirm the active account details:
aws sts get-caller-identityContinue to KEYS