Set aws profile


#1

Hey everybody,

first of all I want to say, that I pretty love the serverless way of creating new applications.
I played around with the example from the guide and I’m using the aws-cli with my main AWS account. I want to test the lambda stuff using my personal account and created a new user with administrative permissions. I added it like this to the ~/.aws/credentials file:

[default]
aws_access_key_id = *******
aws_secret_access_key = *******

[serverless]
aws_access_key_id = *******
aws_secret_access_key = *******

After doing this and creating a new serverless function I updated the provider section inside of serverless.yml like this:

provider:
  name: aws
  runtime: nodejs4.3
  profile: serverless
  stage: dev
  region: eu-central-1

As you can see I’m trying to use the serverless profile here but whenever I execute serverless deploy it deploys to my default account.

Do you have any idea what’s wrong here??

Thanks and best regards.


#2

What version of Serverless are you running (i.e. sls -v output)?

Your config looks good, so I’m hoping your just running an older version of Serverless which didn’t have that functionality…


#3

Unfortunately I’m on the latest version 1.0.0-rc.1 :frowning:


#4

Looks like my PR to implement provider > profile wasn’t in rc.1 - it’s in rc.2 which is now available.

Please try that - it should work :thumbsup:


#5

Yes! I updated to RC2 and now it’s working. Thanks a lot @rowanu


#7

@bart is this option available on serverless invoke cli command? I’m trying to use it without success. And if I log the AWS credentials it’s the wrong one.


#8

Profile selection has been completely re-worked since my changes back in the RC, so I’m not sure if it’s supported anymore. The config docs suggest to me that command-line options on invoke are not supported :frowning2:


#9

I cannot for the life of me get serverless to respect my profile choices.

OS: darwin
Node Version: 8.1.3
Serverless Version: 1.21.1

My setup:
I have no AWS_ environment variables set in my console.
I have a “storytape_dev” and “storytape_prod” profile setup in ~/.aws/credentials and I have removed the [default] one.
I have the region set in ~/.aws/config for both of these profiles
I have verified that the credentials work by running aws iam list-users --profile storytape_dev and getting the user list back. I have tried it without the --profile and it fails as expected.

What I have tried so far:
I have tried hardcoding the profile, stage, and region in my serverless.yml file.
I have followed the instructions in this guide to setup "per stage profiles"
I have removed the profile, state, and region from serverless.yml and run AWS_PROFILE=storytape_dev sls deploy

I’m out of ideas. All of the things I’ve tried so far result in ServerlessError: The security token included in the request is invalid.

Back before I setup multiple accounts this was working. Any help would be very much appreciated.

Here is the rub. I deactivated my production key in the AWS IAM console. When I turn on the prod key I get The specified bucket does not exist even though I ran AWS_PROFILE=storytape_dev sls deploy. Somehow the prod profile is being used even though I have removed all profile info from serverless.yml and set a different profile on the command line.


#10

Looks like this was my fault. I had added process.env.AWS_PROFILE = 'storytape_prod' to my webpack.config.js file. :man_facepalming:

I have removed that. I also removed the region, stage, and profile from serverless.yml and now AWS_PROFILE=storytape_dev sls deploy works as expected.