# HG changeset patch # User Gregory Szorc # Date 2019-10-05 15:58:17 # Node ID f71b3c561b935c978d0bc6c0cba410b4a54a762c # Parent b8df6a470bbbc99b581529a8907a69fcb2a6a1a4 automation: improve documentation for credentials management Differential Revision: https://phab.mercurial-scm.org/D6982 diff --git a/contrib/automation/README.rst b/contrib/automation/README.rst --- a/contrib/automation/README.rst +++ b/contrib/automation/README.rst @@ -47,12 +47,25 @@ https://boto3.amazonaws.com/v1/documenta for how ``boto3`` works. Once you have configured your environment such that ``boto3`` can find credentials, interaction with AWS should *just work*. -.. hint:: +To configure ``boto3``, you can use the ``aws configure`` command to +write out configuration files. (The ``aws`` command is typically provided +by an ``awscli`` package available in your package manager, including +``pip``.) Alternatively, you can write out files in ``~/.aws/`` directly. +e.g.:: + + # ~/.aws/config + [default] + region = us-west-2 - Typically you have a ``~/.aws/credentials`` file containing AWS - credentials. If you manage multiple credentials, you can override which - *profile* to use at run-time by setting the ``AWS_PROFILE`` environment - variable. + # ~/.aws/credentials + [default] + aws_access_key_id = XXXX + aws_secret_access_key = YYYY + +If you have multiple AWS accounts, you can name the profile something +different from ``default``. e.g. ``hg``. You can influence which profile +is used by ``boto3`` by setting the ``AWS_PROFILE`` environment variable. +e.g. ``AWS_PROFILE=hg``. Resource Management -------------------