4

I'm working on an unattended PowerShell script and want to store AWS credentials the Right Way.

According to the documentation, I should be able to store credentials in a .ini file like this

.\myAWSCredentials.ini

[default]
aws_access_key_id = XXXXXXXXXXXXXXX
aws_secret_access_key = YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY

[namedProfile]
aws_access_key_id = XXXXXXXXXXXXXXX
aws_secret_access_key = YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY

and load it into my environment with

Set-AWSCredentials -ProfilesLocation .\myAWSCredentials.ini

or

Set-AWSCredentials -ProfileName namedProfile -ProfilesLocation .\myAWSCredentials.ini

But I get an error that doesn't make sense— what does PowerShell have to do with an App.config file?

Set-AWSCredentials : Error loading stored credentials, (profile location = '.\myAWSCredentials.ini'). Error: App.config does not contain credentials information. Either add the AWSAccessKey and AWSSecretKey or AWSProfileName. At line:1 char:1 + Set-AWSCredentials -ProfilesLocation .\myAWSCredentials.ini + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Set-AWSCredentials], ArgumentException + FullyQualifiedErrorId : System.ArgumentException,Amazon.PowerShell.Common.SetCredentialsCmdlet

Nathan
  • 3,842
  • 1
  • 26
  • 31

3 Answers3

6

Turns out in investigating this, we have a bug in handling the .ini format file in the latest releases (3.1.31.0 onwards) that I'm fixing now.

If you're not using one of these releases (and I don't think you are based on the message, which was fixed in those releases) then try supplying the full path to the credential file to -ProfilesLocation - it could be that the 'current path' as far as PowerShell is concerned isn't what you think it is when the cmdlet runs (I've run into this with other files I've tried to access for example from my profile).

I'll update further when I've fixed the issue.

Steve Roberts
  • 714
  • 4
  • 8
  • v3.1.33.0 has now been released that fixes the bug I noted (the tools would error out with a 'profile not found' error when using the text-format credential files. Provided .\ is correct for the file location or you pass the full path to the credential file you should be able to load credentials and not encounter the strange app.config message. – Steve Roberts Dec 08 '15 at 23:54
  • Thanks a lot Steve Roberts—I've updated and get correct behavior now and better error messages. I was also messing up the keys in the INI file. I will edit my example above so as not to lead anyone down that same path. – Nathan Dec 09 '15 at 17:57
  • It still requires the full path to the INI file. Not sure why/when but you may want to note in documentation. – Nathan Dec 09 '15 at 20:53
  • Thanks, I'll pass that onto our doc team. I think it's probably safest to always use a full path anyway. – Steve Roberts Dec 09 '15 at 22:07
1

I think if you fully qualify the path it should work....relative paths are evil.

For example use: Set-AWSCredentials -ProfilesLocation c:\Path\to\file\myAWSCredentials.ini

CountScary
  • 11
  • 3
0

easily u can store the credentials by following powershell user guide 

Set-AWSCredentials -AccessKey xxxxxxx44Hxxxxxxx -SecretKey WVBUyB5ylBWtpxxxxxxxxxxxxxxxxxxxxxxxxxxx -StoreAs awskeys
Arun Vinoth-Precog Tech - MVP
  • 22,364
  • 14
  • 59
  • 168
user8971654
  • 1