I Recently stumbled across a predicament of multiple aws accounts.
This is a minor predicament but a predicament nonethless.
I have a situation where i have
1. A personal AWS account
2. A work AWS account
3. A vendor AWS account
These three AWS accounts all use the same chef-server. So to make my life easier i decided to organize them.
I created the following structure:
$ mkdir -p ~/chef-aws/{personal,work,thirdparty}/.chef
I copied my knife.rb from ~/.chef/knife.rb into each of these folders.
$ cp -p ~/.chef/knife.rb ~/chef-aws/personal $ cp -p ~/.chef/knife.rb ~/chef-aws/work $ cp -p ~/.chef/knife.rb ~/chef-aws/thirdparty
Here’s an example of the knife.rb file
You can find details on setting up knife with ec2 here : Knife-EC2 Configuration
current_dir = File.dirname(__FILE__)
log_level :info
log_location STDOUT
node_name "neosirex"
client_key "/home/James/.chef/myuser.pem"
validation_client_name "neosirex-validator"
validation_key "/home/James/.chef/random-validator.pem"
chef_server_url "https://api.opscode.com/organizations/somemakebelieveaccount"
cache_type 'BasicFile'
cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
cookbook_path ["#{current_dir}/../cookbooks"]
Here’s the snippet that’s added to each AWS specific knife.rb
knife[:aws_access_key_id] ='< AWS ACCESS KEY GOES HERE >' knife[:aws_secret_access_key] ='< AWS SECRET KEY GOES HERE >'
So now in order to use different AWS accounts what i do is change into each of those aws directories and run knife commands from there.
Each of the following commands would give me the output only of the relevant AWS server
$ cd ~/chef-aws/personal && knife ec2 server list $ cd ~/chef-aws/work && knife ec2 server list $ cd ~/chef-aws/thirdparty && knife ec2 server list
I Leave my default ~/.chef/knife.rb file without AWS credentials in it.
This is because i don’t want to accidently deploy to the wrong AWS account.
There’s still room for human error but i suppose it’s better than nothing
If someone has a better approach to this i’d like to know about it.
cookingclouds 