amazon-web-services aws-cli

How to restrict AWS CLI to only look for credentials in environment variables?


I'm using the aws CLI in a CI/CD pipeline, where I want it to fail if credentials are not available in environment variables. However, it currently doesn't, as aws sts get-caller-identity succeeds, because it uses the credentials for the EC2 instance profile.

How can I specify valid credential sources as command-line parameters?


Solution

  • I want it to fail, if credentials are not available in environment variables

    Assuming you are using bash, you could use:

    if [[ -z "$AWS_ACCESS_KEY_ID" || -z "$AWS_SECRET_ACCESS_KEY" ]]; then 
      echo "AWS credentials are not available as environment variables"; 
      exit 1; 
    fi
    

    This would error if either AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY is unset.
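
An added example, not part of the original answer: the same guard as a reusable function, extended to require AWS_SESSION_TOKEN when the key ID has the temporary-credential prefix ASIA, plus a second function that closes the instance-profile and profile-file fallbacks through the CLI's own environment variables. The function names and the constructed usage at the end are assumptions for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original answer). Function names are hypothetical.

# Return 0 only when usable credentials are present in the environment.
# The -n test rejects both unset and empty values, so a CI secret that
# expanded to an empty string fails the same way as a missing one.
require_env_aws_credentials() {
  missing=""
  [ -n "${AWS_ACCESS_KEY_ID:-}" ]     || missing="$missing AWS_ACCESS_KEY_ID"
  [ -n "${AWS_SECRET_ACCESS_KEY:-}" ] || missing="$missing AWS_SECRET_ACCESS_KEY"
  # Temporary (STS) access keys start with ASIA and need a session token.
  case "${AWS_ACCESS_KEY_ID:-}" in
    ASIA*) [ -n "${AWS_SESSION_TOKEN:-}" ] || missing="$missing AWS_SESSION_TOKEN" ;;
  esac
  if [ -n "$missing" ]; then
    echo "Missing AWS credential variables:$missing" >&2
    return 1
  fi
  return 0
}

# Stop the CLI from falling back to the EC2 instance profile or to
# credential/config files on the build host. Other providers, such as
# container credentials, are not covered here.
disable_credential_fallbacks() {
  export AWS_EC2_METADATA_DISABLED=true        # skip the instance metadata service
  export AWS_SHARED_CREDENTIALS_FILE=/dev/null # no ~/.aws/credentials
  export AWS_CONFIG_FILE=/dev/null             # no ~/.aws/config profiles
}

# Constructed usage in a pipeline step:
#   require_env_aws_credentials || exit 1
#   disable_credential_fallbacks
#   aws sts get-caller-identity
```

With the fallbacks disabled, aws sts get-caller-identity can only succeed with the environment credentials, so a missing secret is caught even if the guard is skipped.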