Configuration for two AWS accounts when deploying app to ElasticBeanstalk
AWS provides ElasticBeanstalk (EB) as a quick and easy way to deploy your RoR application through a tool called EB Command Line Tool (http://aws.amazon.com/code/6752709412171743). When using with EB Tool, you would need to have AWS Access Key ID and AWS Secret Key. These keys would be asked by EB tool when you run eb init
and they would be saved in a certain file on your computer.
After setting up with eb init
, you can easily push your code to your ElasticBeanstalk environment by issuing the command git aws.push
. More specifically, when running this command, EB Tool will look for the AWS_CREDENTIAL_FILE environment variable to know how to load the correct AWS Access Key ID and AWS Secret Key. We can take advantage of this to specify the correct credential files at run time.
Normally, if you have to work with multiple AWS credentials on your computer, you might need to run eb init
before using the new credentials, and EB Tool would overwrite content of the credentials file I mention above. I see that this is very difficult for me to manage the keys as I can easily forgot the credentials after a while, and especially I don't know which key I am using.
In order to solve this issue, I have created a simple folder ~/.keys
inside my home directly which contains all the credential files. According to AWS Documentation, the content of each credential file look like this:
AWSAccessKeyId=AKIAICXXXXXXZP7NQ
AWSSecretKey=OfweP68OxxxxxxxxxxxxMXjilPxP7dOeV
For example, if you are working with two accounts called test1
and test2
, you would create two files on ~/.keys folders with corresponding names. Now, every time you need to work with a specific account, you would only need to run this command first:
export AWS_CREDENTIAL_FILE=~/.keys/<file name>
And then, you would be able to use the correct credentials when running git aws.push
or eb status
command. The only thing to remember is that you have to run this command again if you start a new shell window because this variable will only be set on the current shell window.
For more information about using this tool, please refer to http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-reference-get-started.html
There are also a more detailed blog writing about this with different settings. I personally have not tried using that method but I think it would be helpful for you to know in case my method does not work out with you. http://www.dowdandassociates.com/blog/content/howto-install-aws-cli-security-credentials/
Thanks