Using the ~/.aws/credentials approach is useful for a development environment where you potentially need to test things with multiple profiles, but for a production deployment, the ENV Variable is preferred, right?
Another important consideration: Don't check credentials into VCS in plain text. It may not seem to bad if the team is small and the repo is private, but eventually, the team will grow and it will be necessary to limit access to the credentials!
Good point with the VCS! itβs very important never commit credentials.
If you use a CI/CD tool like CircleCI or Jenkins you can store the credentials as environment variables so the Containers in the build process have access to them.
So yes for not local environments itβs a good pattern to use the ENV variable.
You make a great point here. In fact, with IAM roles, these environment variables are set which means reading credentials from environment variables is the way to go. I will clarify these in the post ππΌ
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Using the
~/.aws/credentials
approach is useful for a development environment where you potentially need to test things with multiple profiles, but for a production deployment, the ENV Variable is preferred, right?Another important consideration: Don't check credentials into VCS in plain text. It may not seem to bad if the team is small and the repo is private, but eventually, the team will grow and it will be necessary to limit access to the credentials!
Good point with the VCS! itβs very important never commit credentials.
If you use a CI/CD tool like CircleCI or Jenkins you can store the credentials as environment variables so the Containers in the build process have access to them.
So yes for not local environments itβs a good pattern to use the ENV variable.
You make a great point here. In fact, with IAM roles, these environment variables are set which means reading credentials from environment variables is the way to go. I will clarify these in the post ππΌ