0
votes

I am using AWS CLI. I use the AWS STS service for assuming a role. After using that, I get temporary AWS credentials like AWS access key ID, AWS secret access key and AWS session token. I have created a bat file to run the AWS STS assume role command and to change the AWS credentials file automatically. It works fine. Now after using temporary creds, I want to revert back to the original credentials file. I can change the AWS access key pair by running the aws configure command. But I want to clear aws_session_token automatically. In Linux I did it using the following commands.

 sed '/^aws_session_token/s/=.*$/=/' credentials
 sed -i -e '/aws_session_token/d' credentials 

Here, I am clearing the value for aws_session_token first and then the word 'aws_session_token'. I am unable to figure out how to do it in Windows. So is there any sed alternative to remove the value for a particular key and then the key itself? Any help is appreciated.

1
Rather than "replacing" credentials, I would recommend that you add an additional profile to the credentials file when using temporary credentials. That way, there is no need to "revert" back to a set of credentials. See: Named profiles - AWS Command Line Interface - John Rotenstein
That sounds good. But I cannot add a new AWS profile at the customer side. I don't have permission to do that. - Jass
Then what "credentials file" are you editing? - John Rotenstein
I am editing the AWS creds file only, but I don't have the right to add a new profile. I can use the default profile only. @John Rotenstein - Jass
If you are editing the file, you could add a new profile -- it's just some additional lines in the same file. Or do you mean you aren't allowed to do it? An alternative would be to keep the permanent credentials in the config file, then use Environment Variables for the STS temporary credentials, since Environment Variables are used before the credential file. - John Rotenstein

1 Answer

0
votes

When you run AWS CLI commands, the AWS CLI looks for credentials in a specific order—first in environment variables and then in the configuration file. Therefore, after you've put the temporary credentials into environment variables, the AWS CLI uses those credentials by default. (If you specify a profile parameter in the command, the AWS CLI skips the environment variables. Instead, the AWS CLI looks in the configuration file, which lets you override the credentials in the environment variables if you need to.)

The following example shows how you might set the environment variables for temporary security credentials and then call an AWS CLI command. Because no profile parameter is included in the AWS CLI command, the AWS CLI looks for credentials first in environment variables and therefore uses the temporary credentials.

SET AWS_ACCESS_KEY_ID=YourAccessKEYID
SET AWS_SECRET_ACCESS_KEY=YourSecretKeyAccess
SET AWS_SESSION_TOKEN=YourToken
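
The environment-variable approach above, as an added batch example that is not part of the original answer: `setlocal` confines the temporary credentials to the script, so the credentials file is never edited and nothing has to be reverted afterwards. The role ARN and session name are placeholders, and `aws sts get-caller-identity` stands in for whatever command needs the assumed role.

```batch
@echo off
rem Added example: temporary STS credentials live only in this script's
rem environment. The credentials file is read but never modified.
setlocal

rem Placeholders: replace with the role you are allowed to assume.
set "ROLE_ARN=arn:aws:iam::123456789012:role/ExampleRole"
set "SESSION_NAME=example-session"

rem Drop any values inherited from the calling shell, so assume-role itself
rem runs with the long-term keys of the default profile in the credentials file.
set "AWS_ACCESS_KEY_ID="
set "AWS_SECRET_ACCESS_KEY="
set "AWS_SESSION_TOKEN="

rem --output text prints the three selected values on one tab-separated line;
rem for /f splits on tabs and spaces by default.
for /f "tokens=1-3" %%a in ('aws sts assume-role --role-arn "%ROLE_ARN%" --role-session-name "%SESSION_NAME%" --query "Credentials.[AccessKeyId,SecretAccessKey,SessionToken]" --output text') do (
    set "AWS_ACCESS_KEY_ID=%%a"
    set "AWS_SECRET_ACCESS_KEY=%%b"
    set "AWS_SESSION_TOKEN=%%c"
)

rem If the call failed, the loop body never ran and the variables are still empty.
if not defined AWS_SESSION_TOKEN (
    echo assume-role failed; no temporary credentials were set. 1>&2
    exit /b 1
)

rem No --profile parameter, so the CLI takes the environment variables first.
aws sts get-caller-identity
set "RC=%ERRORLEVEL%"

rem endlocal discards the three variables; the calling shell is back on the
rem original credentials file without any cleanup step.
endlocal & exit /b %RC%
```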