Validate a User's Credentials with AWS CLI

avatar

Borislav Hadzhiev

Mon Sep 20 20211 min read

banner

Photo by Alex Alvarez

Validating a User's Credentials with AWS CLI #

To validate a user's credentials with the AWS CLI, run the sts get-caller-identity command. The command returns details about the user's credentials if they are valid, otherwise it throws an error.

Let's run the get-caller-identity command on the default profile:

shell
aws sts get-caller-identity

default profile valid user

The output of the command shows that the caller has been successfully identified, therefore their credentials are valid.

To validate the credentials of a named profile with AWS CLI, run the sts get-caller-identity command passing in the --profile parameter.

shell
aws sts get-caller-identity --profile YOUR_PROFILE

named profile valid user

The output shows that the named profile also has valid credentials.

Let's now test the other scenario. I'll update the secret access key of the default profile to be incorrect and then I'll rerun the sts get-caller-identity command.

shell
aws sts get-caller-identity

default profile invalid user

The get-caller-identity command was unable to identify the caller, because the configured secret access key is incorrect and we got a SignatureDoesNotMatch error.

Further Reading #

Join my newsletter

I'll send you 1 email a week with links to all of the articles I've written that week

Buy Me A Coffee