A PowerShell script to efficiently manage AWS CLI credentials and config files across multiple projects.
When working with multiple AWS projects, managing the AWS CLI configuration files (~/.aws/credentials and ~/.aws/config) can become cumbersome:
- Files grow larger with each new project profile
- Difficult to remove outdated profiles
- Hard to maintain a clean configuration
- Error-prone manual editing
This script allows you to:
- Maintain separate credential and config files for each project
- Automatically merge them into your AWS CLI configuration
- Backup existing files before making changes
- Only update when necessary (based on file differences)
The script:
- Scans designated directories for project-specific credential and config files
- Sorts them by filename (allowing date-based sorting)
- Merges them into a temporary file
- Compares with existing AWS CLI config files
- If different, backs up existing files and replaces them with the merged version
-
Create two directories in your working directory:
credentials/: For AWS credential filesconfigs/: For AWS config files
-
Save the script as
aws-cli-config-manager.ps1in the same directory
Store your project-specific files using this naming pattern:
- Credentials:
credentials.YYYY-MMDD.project-name - Config:
config.YYYY-MMDD.project-name
Example:
./
├── credentials/
│ ├── credentials.2024-0301.project-a
│ ├── credentials.2024-0310.project-b
│ └── credentials.2024-0315.project-c
└── configs/
├── config.2024-0301.project-a
├── config.2024-0310.project-b
└── config.2024-0315.project-c
Standard execution:
.\aws-cli-config-manager.ps1Debug mode (shows all steps without making changes):
.\aws-cli-config-manager.ps1 -DebugOutput when running in debug mode:
PS> .\aws-cli-config-manager.ps1 -Debug
[DEBUG] Running in debug mode
[DEBUG] Current working directory: C:\Users\username\aws-settings
[DEBUG] AWS credentials path: C:\Users\username\.aws\credentials
[DEBUG] AWS config path: C:\Users\username\.aws\config
[DEBUG] Credentials directory: C:\Users\username\aws-settings\credentials
[DEBUG] Backup path: C:\Users\username\.aws\credentials.bak
[DEBUG] Found 3 files (pattern: credentials.*):
[DEBUG] - C:\Users\username\aws-settings\credentials\credentials.2024-0301.project-a
[DEBUG] - C:\Users\username\aws-settings\credentials\credentials.2024-0310.project-b
[DEBUG] - C:\Users\username\aws-settings\credentials\credentials.2024-0315.project-c
...
[DEBUG] Completed debug mode run - no actual changes were madeOutput when running in normal mode:
PS> .\aws-cli-config-manager.ps1
Backed up existing file to: C:\Users\username\.aws\credentials.bak
Successfully updated file: C:\Users\username\.aws\credentials
Backed up existing file to: C:\Users\username\.aws\config.bak
Successfully updated file: C:\Users\username\.aws\config
Process completed: 2 file(s) updated- Order Control: Files are processed in alphabetical order, so you can control the order by adjusting the date in the filename.
- Always First/Last: Use special dates to ensure certain profiles always appear first or last:
credentials.0000-0000.always-first # Always first credentials.9999-9999.always-last # Always last - Profile Overriding: Later files override earlier ones with the same profile names.
- The script maintains one backup version (
.bak) for each file - Files are processed in binary mode to preserve line endings
- The script only updates files when differences are detected