Difference between revisions of "Aws sts get-caller-identity"
Jump to navigation
Jump to search
(5 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
* <code>aws sts get-caller-identity --output text --query 'Account'</code> | * <code>aws sts get-caller-identity --output text --query 'Account'</code> | ||
* <code>[[ACCOUNT_ID]]=$(aws sts get-caller-identity --output text --query 'Account')</code> | * <code>[[ACCOUNT_ID]]=$(aws sts get-caller-identity --output text --query 'Account')</code> | ||
+ | |||
+ | |||
+ | * <code>[[aws sts]] get-caller-identity && [[aws iam list-account-aliases]]</code> | ||
== Examples == | == Examples == | ||
Line 21: | Line 24: | ||
"UserId": "AROASTNMATSFIGC3RFZFC:martin.oscar", | "UserId": "AROASTNMATSFIGC3RFZFC:martin.oscar", | ||
"Account": "09876543212", | "Account": "09876543212", | ||
− | "Arn": "arn:aws:sts::09876543212:[[assumed-role]]/ | + | "Arn": "arn:aws:sts::09876543212:[[assumed-role]]/[[AWSReservedSSO_AdministratorAccess]]_111111111/your-username" |
} | } | ||
Line 66: | Line 69: | ||
* <code>[[aws sts get-session-token]]</code> | * <code>[[aws sts get-session-token]]</code> | ||
* <code>[[aws iam get-user]]</code> | * <code>[[aws iam get-user]]</code> | ||
− | + | * <code>[[aws ssm get-instance-profile]]</code> | |
* [[An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied]] | * [[An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied]] | ||
* <code>[[aws eks get-token]]</code> | * <code>[[aws eks get-token]]</code> | ||
− | + | * <code>[[sts:AssumeRole]]</code> | |
− | + | * <code>[[sts:GetCallerIdentity]]</code> | |
* [[AWS switching to a role]] | * [[AWS switching to a role]] | ||
+ | * [[AWS info]] | ||
+ | * [[Creating or updating a kubeconfig file for an Amazon EKS cluster]] | ||
== See also == | == See also == |
Latest revision as of 05:09, 12 February 2024
aws sts get-caller-identity
command outputs three pieces of information including the ARN.
Contents
Commands[edit]
aws sts get-caller-identity
aws sts get-caller-identity --profile XXXXX
aws sts get-caller-identity --output text --query 'Account'
ACCOUNT_ID=$(aws sts get-caller-identity --output text --query 'Account')
aws sts get-caller-identity && aws iam list-account-aliases
Examples[edit]
aws sts get-caller-identity { "UserId": "ZIDBZCTGOUKVXXFNQ5Q3F", "Account": "09876543212", "Arn": "arn:aws:iam::09876543212:user/your_user" }
{ "UserId": "AROASTNMATSFIGC3RFZFC:martin.oscar", "Account": "09876543212", "Arn": "arn:aws:sts::09876543212:assumed-role/AWSReservedSSO_AdministratorAccess_111111111/your-username" }
Errors[edit]
aws sts get-caller-identity Unable to locate credentials. You can configure credentials by running "aws configure".
aws sts get-caller-identity An error ocurred (InvalidClientTokenId) when calling the GetCallerIdentity operation: The security token included in the request is invalid
data.aws_caller_identity.current
data.aws_caller_identity.current Traceback (most recent call last): File "/usr/local/bin/aws", line 19, in <module> import awscli.clidriver File "/usr/local/lib/python3.6/site-packages/awscli/clidriver.py", line 17, in <module> import botocore.session File "/usr/local/lib/python3.6/site-packages/botocore/session.py", line 29, in <module> import botocore.credentials File "/usr/local/lib/python3.6/site-packages/botocore/credentials.py", line 35, in <module> from botocore.config import Config File "/usr/local/lib/python3.6/site-packages/botocore/config.py", line 16, in <module> from botocore.endpoint import DEFAULT_TIMEOUT, MAX_POOL_CONNECTIONS File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 24, in <module> from botocore.awsrequest import create_request_object File "/usr/local/lib/python3.6/site-packages/botocore/awsrequest.py", line 24, in <module> import botocore.utils File "/usr/local/lib/python3.6/site-packages/botocore/utils.py", line 32, in <module> import botocore.httpsession File "/usr/local/lib/python3.6/site-packages/botocore/httpsession.py", line 10, in <module> from urllib3.util.ssl_ import ( ImportError: cannot import name 'PROTOCOL_TLS'
Related[edit]
AWS PROFILE
aws organizations describe-organization
aws iam list-attached-user-policies
aws iam get-account-summary
aws iam list-account-aliases
aws iam create-account-alias
aws sts get-session-token
aws iam get-user
aws ssm get-instance-profile
- An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
aws eks get-token
sts:AssumeRole
sts:GetCallerIdentity
- AWS switching to a role
- AWS info
- Creating or updating a kubeconfig file for an Amazon EKS cluster
See also[edit]
Advertising: