Setting up credentials for the deployment tool - AWS SDK for .NET

Setting up credentials for the deployment tool

This is prerelease documentation for a feature in preview release. It is subject to change.

This information is about how to set up credentials for the deployment tool. If you're looking for information about setting up credentials for your project, see Configure AWS credentials instead.

To run the deployment tool against your AWS account, you must have a credential profile. The profile must be set up with at least an access key ID and a secret access key for an AWS Identity and Access Management (IAM) user. For information about how to do this, see Create users and roles and Using the shared AWS credentials file.

The credentials that you use to run the deployment tool must have permissions for certain services, depending on the tasks that you're trying to perform. The following are some examples of the typical permissions that are required to run the tool. Additional permissions might be required, depending on the type of application you're deploying and the services it uses.


Permissions for services

Display a list of AWS CloudFormation stacks (list-deployments)


Deploy and redeploy to Elastic Beanstalk (deploy)

CloudFormation, Elastic Beanstalk

Deploy and redeploy to Amazon ECS (deploy)

CloudFormation, Elastic Beanstalk, Elastic Container Registry

The deployment tool automatically uses the [default] profile from your shared AWS config and credentials files if that profile exists. You can change this behavior by specifying a profile for the tool to use, either system-wide or in a particular context.

To specify a system-wide profile, do the following:

  • Specify the AWS_PROFILE environment variable globally, as appropriate for your operating system. Be sure to reopen command prompts or terminals as necessary. If the profile you specify doesn't include an AWS Region, the tool might ask you to choose one.


    If you set the AWS_PROFILE environment variable globally for your system, other SDKs, CLIs, and tools will also use that profile. If this behavior is unacceptable, specify a profile for a particular context instead.

To specify a profile for a particular context, do one of the following:

  • Specify the AWS_PROFILE environment variable in the command prompt or terminal session from which you're running the tool (as appropriate for your operating system).

  • Specify the --profile and --region switches within the command. For example: dotnet aws list-stacks --region us-west-2. For additional information about the deployment tool's commands, see Running the deployment tool.

  • Specify nothing and the tool will ask you to choose a profile and an AWS Region.