A utility library for reading AWS config profiles, and updating credentials using aws cli. Provides a few basic AWS definitions as well for convienence.

This project reads from your ~/.aws/config, and parses it into an array of profiles. It also exposes functionality to set credentials using the aws cli.

We use os.homedir to locate your .aws folder, and open your config file. From there we do an initial scan of every line, turning it into a group of profiles and their associated lines. These lines are then parsed and transformed into their appropriate profile lines. Finally we do a reconciliation mapping every source_profile from a name into its actual profile. If a source_profile cannot be resolved into an actual profile, it is turned into undefined.

We use the aws cli and NodeJS exec functionality to store credentials into the ~/.aws/credentials file. This means that we never read or touch your credentials file but means that your credentials could be mangled, and that we have a dependency on you having the aws cli available on your path. See aws-cli/aws-credential-writer.

WARNING: This does have the unfortunate side effect of making this not atomic, meaning that the risk of having the credentials mangled by a process being interrupted is high. We need to make three sequential calls to update the credentials, and if any of them are interrupted the credentials (that we are trying to save) will be mangled.