-
Notifications
You must be signed in to change notification settings - Fork 595
/
shared_config
267 lines (203 loc) · 6.85 KB
/
shared_config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
[default]
s3 =
unsupported_key=123
other_unsupported=abc
region = default_region
[profile exampleProfile]
region = us-west-2
aws_access_key_id = AKID
aws_secret_access_key = SECRET
[profile alt_profile_name]
region = alt_profile_name_region
[profile with_role_duration]
duration_seconds = 3601
[profile merged_profiles]
duration_seconds = 3601
role_arn = config_profile_arn
sso_start_url = https://my-sso-config-profile-role.awsapps.com/start
sso_region = us-east-1
sso_account_id = 1234567890
sso_role_name = ConfigProfileRole
ca_bundle = /path/to/bundle.a
[profile short_profile_name_first]
region = short_profile_name_first_short
[profile short_profile_name_first]
region = short_profile_name_first_alt
[profile partial_creds]
aws_access_key_id = partial_creds_akid
[profile complete_creds]
aws_access_key_id = complete_creds_akid
aws_secret_access_key = complete_creds_secret
[profile complete_creds_with_token]
aws_access_key_id = complete_creds_with_token_akid
aws_secret_access_key = complete_creds_with_token_secret
aws_session_token = complete_creds_with_token_token
[profile full_profile]
aws_access_key_id = full_profile_akid
aws_secret_access_key = full_profile_secret
region = full_profile_region
[profile config_file_load_order]
region = shared_config_region
aws_access_key_id = shared_config_akid
aws_secret_access_key = shared_config_secret
[profile partial_assume_role]
role_arn = partial_assume_role_role_arn
[profile assume_role]
role_arn = assume_role_role_arn
source_profile = complete_creds
[profile assume_role_w_mfa]
role_arn = assume_role_role_arn
source_profile = complete_creds
mfa_serial = 0123456789
[profile assume_role_invalid_source_profile]
role_arn = assume_role_invalid_source_profile_role_arn
source_profile = profile_not_exists
[profile assume_role_w_creds]
role_arn = assume_role_w_creds_role_arn
source_profile = assume_role_w_creds
external_id = 1234
role_session_name = assume_role_w_creds_session_name
aws_access_key_id = assume_role_w_creds_akid
aws_secret_access_key = assume_role_w_creds_secret
[profile assume_role_w_creds_ext_dur]
role_arn = assume_role_w_creds_role_arn
duration_seconds=1800
source_profile = assume_role_w_creds_ext_dur
external_id = 1234
role_session_name = assume_role_w_creds_session_name
aws_access_key_id = assume_role_w_creds_akid
aws_secret_access_key = assume_role_w_creds_secret
[profile assume_role_wo_creds]
role_arn = assume_role_wo_creds_role_arn
source_profile = assume_role_wo_creds
[profile valid_arn_region]
s3_use_arn_region=true
[profile disable_mrap]
s3_disable_multiregion_access_points=true
[profile endpoint_discovery_enabled]
endpoint_discovery_enabled=true
[profile endpoint_discovery_disabled]
endpoint_discovery_enabled=false
[profile endpoint_discovery_auto]
endpoint_discovery_enabled=auto
[profile endpoint_discovery_unknown]
endpoint_discovery_enabled=unknown
[profile with_mixed_case_keys]
aWs_AcCeSs_kEy_ID = accessKey
aWs_SecrEt_AccEsS_kEY = secret
[profile assume_role_with_credential_source]
role_arn = assume_role_with_credential_source_role_arn
credential_source = Ec2InstanceMetadata
[profile multiple_assume_role]
role_arn = multiple_assume_role_role_arn
source_profile = assume_role
[profile multiple_assume_role_with_credential_source]
role_arn = multiple_assume_role_with_credential_source_role_arn
source_profile = assume_role_with_credential_source
[profile multiple_assume_role_with_credential_source2]
role_arn = multiple_assume_role_with_credential_source2_role_arn
source_profile = multiple_assume_role_with_credential_source
[profile sso_creds]
sso_account_id = 012345678901
sso_region = us-west-2
sso_role_name = TestRole
sso_start_url = https://127.0.0.1/start
[profile source_sso_creds]
role_arn = source_sso_creds_arn
source_profile = sso_creds
[profile sso_and_static]
aws_access_key_id = sso_and_static_akid
aws_secret_access_key = sso_and_static_secret
aws_session_token = sso_and_static_token
sso_account_id = 012345678901
sso_region = us-west-2
sso_role_name = TestRole
sso_start_url = https://THIS_SHOULD_NOT_BE_IN_TESTDATA_CACHE/start
[profile sso_and_assume]
sso_account_id = 012345678901
sso_region = us-west-2
sso_role_name = TestRole
sso_start_url = https://127.0.0.1/start
role_arn = sso_with_assume_role_arn
source_profile = multiple_assume_role_with_credential_source
[profile source_sso_and_assume]
role_arn = source_sso_and_assume_arn
source_profile = sso_and_assume
[profile sso_mixed_credproc]
sso_account_id = 012345678901
sso_region = us-west-2
sso_role_name = TestRole
sso_start_url = https://127.0.0.1/start
credential_process = /path/to/process
[profile DoNotNormalize]
aws_access_key_id = DoNotNormalize_config_akid
aws_secret_access_key = DoNotNormalize_config_secret
aws_session_token = DoNotNormalize_config_session_token
[profile donotnormalize]
aws_access_key_id = donotnormalize_config_akid
aws_secret_access_key = donotnormalize_config_secret
aws_session_token = donotnormalize_config_session_token
[profile DONOTNORMALIZE]
aws_access_key_id = DONOTNORMALIZE_config_akid
aws_secret_access_key = DONOTNORMALIZE_config_secret
aws_session_token = DONOTNORMALIZE_config_session_token
[profile DoNotNormalize]
region = us-west-2
duration_seconds = 1200
[profile donotnormalize]
region = us-west-1
duration_seconds = 1500
[profile DONOTNORMALIZE]
region = us-west-3
duration_seconds = 1800
[profile AssumeWithDoNotNormalize]
role_arn = AssumeWithDoNotNormalize_role_arn
source_profile = DoNotNormalize
[profile EC2MetadataServiceEndpoint]
ec2_metadata_service_endpoint = http://endpoint.localhost
[profile EC2MetadataServiceEndpointModeIPv6]
ec2_metadata_service_endpoint_mode = IPv6
[profile EC2MetadataServiceEndpointModeIPv4]
ec2_metadata_service_endpoint_mode = IPv4
[profile EC2MetadataServiceEndpointModeUnknown]
ec2_metadata_service_endpoint_mode = foobar
[profile EC2MetadataServiceEndpointAndModeMixed]
ec2_metadata_service_endpoint = http://endpoint.localhost
ec2_metadata_service_endpoint_mode = IPv6
[profile UseDualStackEndpointEnabled]
region = "us-west-2"
use_dualstack_endpoint=True
[profile UseDualStackEndpointDisabled]
region = "us-west-2"
use_dualstack_endpoint=False
[profile UseDualStackEndpointInvalid]
region = "us-west-2"
use_dualstack_endpoint=invalid
[profile UseFIPSEndpointEnabled]
region = "us-west-2"
use_fips_endpoint=True
[profile UseFIPSEndpointDisabled]
region = "us-west-2"
use_fips_endpoint=False
[profile UseFIPSEndpointInvalid]
region = "us-west-2"
use_fips_endpoint=invalid
[profile autodefaultsmode]
defaults_mode = auto
[profile standarddefaultsmode]
defaults_mode = standard
[profile invaliddefaultsmode]
defaults_mode = invalid
[profile retryunset]
[profile retrywithstandard]
retry_mode = standard
max_attempts = 5
[profile retrywithadaptive]
retry_mode = adaptive
max_attempts = 4
[profile retrywithinvalidmode]
retry_mode = invalid
[profile retrywithinvalidattempts]
max_attempts = invalid
[profile with_ca_bundle]
ca_bundle = custom_ca_bundle_file.pem