Example 1
Set-AWSCredential -ProfileName myCredentials
Loads the credentials contained in the specified profile and sets them active for all cmdlets in the current shell (the parameter name can be omitted for brevity). The cmdlet first searches the encrypted credential file shared with the AWS SDK for .NET and AWS Toolkit for Visual Studio. If this file does not contain a matching profile the cmdlet will attempt to load the profile from the text-format credential file shared with the AWS CLI, looking in its default location (%USERPROFILE%\.aws\credentials). If this file has been renamed, or does not exist in the default location, use the -ProfileLocation parameter to point to the credential file. Note that using -ProfileLocation disables profile lookup in the encrypted .NET store file.
Example 2
Set-AWSCredential -AccessKey AKIAIOSFODNN7EXAMPLE -SecretKey wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY -StoreAs myCredentials
Saves the specified credentials as a profile named 'myCredentials'. The cmdlet does not affect any credentials currently set as active in the shell. To update the shell run the cmdlet again specifying the name of the profile (Set-AWSCredential -ProfileName myCredentials). On platforms that support the encrypted credential file the profile is written to the encrypted store. If the platform does not support the encrypted store (Linux, MacOS, Windows Nano Server) the profile is written to the plain text ini-format shared credential file at %HOME%\.aws\credentials. To force the profile to be written to the shared credential file on systems that support both stores, specify the path and filename of the credential file using the -ProfileLocation parameter.
Example 3
Set-AWSCredential -AccessKey AKIAIOSFODNN7EXAMPLE -SecretKey wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY -SessionToken SamPleTokeN.....
Sets the temporary session-based credentials as active in the current shell. Note that temporary credentials cannot be saved as a profile.
Example 4
Set-AWSCredential -ProfileName myCredentials -ProfileLocation C:\myAWSCredentials.ini
Loads the specified credentials from the ini-format credential file (with a non-default name and location) shared with the AWS CLI and sets the credentials in the profile active in the current shell. The -ProfileLocation parameter can be omitted if the credential file is named 'credentials' and is stored in the default location (%USERPROFILE%\.aws).
Example 5
$credential = Get-Credential -Message "Enter your domain credentials for federated identity"
Set-AWSCredential -ProfileName mySamlCredentialProfile -NetworkCredential $credential
Loads the specifed SAML federated credential profile (created with Set-AWSSAMLRoleProfile). The -NetworkCredential parameter is only needed if the logged-in user acount is not joined to the domain used for federation. In this scenario, when temporary credential generated is attempted and the user must be authenticated, caching the identity with the -NetworkCredential parameter value avoids a pop-up credential demand. For systems where the logged-in user account belongs to the domain the logged-in identity is used automatically and no credential demand is made. In this scenario you do not need to supply a credential value.
Example 6
Set-AWSCredential -AccessKey AKIAIOSFODNN7EXAMPLE -SecretKey wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY -StoreAs sourceAccountProfile
Set-AWSCredential -SourceProfile sourceAccountProfile -RoleArn arn:aws:iam::123456789012:role/my_role -StoreAs myRoleProfile
Creates a cross-account role profile for the specified role. First you create a source profile that can be referenced by multiple role profiles. Then create the role profile for the specified role(s). When the role profile is loaded for use, the role described in the profile will be assumed and temporary credentials for the role set as active in the shell.
Example 7
Set-AWSCredential -SourceProfile sourceAccountProfile -RoleArn arn:aws:iam::123456789012:role/my_role -MfaSerial 124345 -StoreAs myRoleProfile
Creates a cross-account role profile for the specified role that requires use of a two-factor MFA device during credential generation. When credentials for the role are generated the user is prompted to enter the value on the MFA device.
Example 8
Set-AWSCredential -SourceProfile sourceAccountProfile -RoleArn arn:aws:iam::123456789012:role/my_role -ExternalId idValue -StoreAs myRoleProfile
Creates a cross-account role profile for the specified role that requires a unique identifier to be specified. The identifier is used by third parties when assuming roles in their customers' accounts.