I'm a bit confused. From the docs it sounds like i...
# aws
b
I'm a bit confused. From the docs it sounds like if you export
AWS_ACCESS_KEY_ID
,
AWS_SECRET_ACCESS_KEY
, and
AWS_REGION
pulumi
should use those credentials over anything in
~/.aws/credentials
. I'm using
aws-vault
, e.g.
aws-vault exec <profile> pulumi up
, and I've checked with
aws-vault exec <profile> aws sts get-caller-identity
that both accounts are accessible as expected, but
pulumi
is using the credentials from the default profile in
~/.aws/credentials
and
~/.aws/config
. Setting
AWS_PROFILE=<profile> pulumi up
works as expected, but I'd much rather use
aws-vault
or similar tooling.