Prevent 'aws login' from updating a profile with existing credentials #9924
+107
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…h existing credentials
hssyoo
reviewed
Dec 17, 2025
ashovlin
changed the title
hssyoo
approved these changes
Jan 6, 2026
Contributor
hssyoo
left a comment
hssyoo
left a comment
There was a problem hiding this comment.
Had a non-blocking comment but otherwise 🏆
hssyoo
approved these changes
Jan 7, 2026
AndrewAsseily
added a commit
that referenced
this pull request
Jan 9, 2026
* CLI examples for cloudformation. * Fix start-live-tail tests This fix addresses failures encountered on some systems when running the startlivetail unit tests through the AWS CLI test runner script at `scripts/ci/run-tests`. According to prompt toolkit documentation: > During the creation of a prompt_toolkit Application, we can specify > what input and output device to be used. By default, these are output > objects that correspond with sys.stdin and sys.stdout. In unit tests > however, we want to replace these. > - For the input, we want a “pipe input”. This is an input device, > in which we can programmatically send some input. It can be created > with create_pipe_input(), and that return either a PosixPipeInput or a > Win32PipeInput depending on the platform. Reference: https://python-prompt-toolkit.readthedocs.io/en/stable/pages/advanced_topics/unit_testing.html This change adds an optional `app_input`` parameter so that the test can be run with `create_pipe_input()` to replace the input for unit testing. * Update to latest models * Update endpoints model * Bump version to 2.32.8 * Update to latest models * Bump version to 2.32.9 * Update to latest models * Bump version to 2.32.10 * Update to latest models * Bump version to 2.32.11 * [v2] Add monitoring configuration to emr create-cluster (#9892) * Update to latest models * Update endpoints model * Bump version to 2.32.12 * Remove S3 endpoint s3v4 test (#9903) * Update to latest models * Update endpoints model * Bump version to 2.32.13 * Adds support for expanding host prefix to the BaseRpcV2Serializer class (#9901) * Update model-validation tests to describe violations in custom properties (#9823) * Update to latest models * Bump version to 2.32.14 * Upgrade bundled Python interpreter to 3.13.11. (#9902) * Update to latest models * Update endpoints model * Bump version to 2.32.15 * [Documentation] Warning against the use of S3 Global Endpoint (s3.amazonaws.com) as endpoint-url (#9850) docs: add caution note for S3 endpoint-url parameter Add note to S3 configuration documentation warning users about potential unintended behavior when using --endpoint-url parameter, including S3 redirect issues. This was prompted by setting the global S3 endpoint (s3.amazonaws.com) as a custom endpoint URL caused PermanentRedirect errors, redirect loops, and configuration confusion. While the guidance is generalized to cover broader endpoint configuration concerns, it specifically advises against using the global S3 endpoint as an endpoint-url parameter value. Addresses #9479 * Update to latest models * Update endpoints model * Bump version to 2.32.16 * Fix validates models record_property serialization errors (#9912) * Update to latest models * Bump version to 2.32.17 * [v2] Add GitHub Actions build workflow (#9918) * Update to latest models * Update endpoints model * Bump version to 2.32.18 * [v2] Fix pr action (#9922) * Update to latest models * Update endpoints model * Bump version to 2.32.19 * Add prefix to CloudTrail S3 digest file listing (#9933) Scope S3 list_objects call to trail's region by adding prefix parameter. This prevents processing digest files from all regions and improves validate-logs command performance when validating logs near current time. Add _create_digest_prefix method to generate region-specific prefix for both regular and organizational trails. Update existing tests and add new test coverage for prefix generation. Co-authored-by: Sasanka Mouli Subrahmanya Sri Veleti <sveleti@amazon.com> * Update to latest models * Update endpoints model * Bump version to 2.32.20 * ci: Skip new internal build for fork-origin PRs (#9937) * Adding new examples for medical-imaging's create-datastore and get-datastore (#9934) Co-authored-by: laiqmuhh <laiqmuhh@amazon.com> * Merge customizations for ARC Region switch * Update to latest models * Update endpoints model * Bump version to 2.32.21 * Introduce ECS Express Text-Only Mode (#9943) * Update to latest models * Bump version to 2.32.22 * Remove elastictranscoder client following the service deprecation * [v2] Add case-sensitivity handling to multi-object download operations (#9925) * Update to latest models * Update endpoints model * Bump version to 2.32.23 * Update to latest models * Update endpoints model * Bump version to 2.32.24 * Update to latest models * Bump version to 2.32.25 * Update to latest models * Update endpoints model * Bump version to 2.32.26 * Update to latest models * Bump version to 2.32.27 * Revert case sensitivity handling feature (#9960) Revert "[v2] Add case-sensitivity handling to multi-object download operations (#9925)" * Bump version to 2.32.28 * Update to latest models * Bump version to 2.32.29 * [v2] ci: scope down GitHub Token permissions (#9965) * ci: scope down GitHub Token permissions (#9804) * ci: scope down permissions for fail-master-prs.yml * ci: scope down permissions for run-bundle-test.yml * ci: scope down permissions for changelog.yml * ci: scope down permissions for update-lockfiles.yml * ci: scope down permissions for run-tests.yml * ci: scope down permissions for closed-issue-message.yml * ci: scope down permissions for stale_community_prs.yml * ci: scope down permissions for run-dep-tests.yml * ci: scope down permissions for doc-pr-cherry-pick.yml * ci: scope down permissions for source-dist-tests.yml --------- Co-authored-by: Adnan Khan <AdnaneKhan@users.noreply.github.com> * Support # in user_agent_appid (#9967) * Merge customizations for Cost Explorer * Update to latest models * Bump version to 2.32.30 * Update to latest models * Update endpoints model * Bump version to 2.32.31 * Prevent 'aws login' from updating a profile with existing credentials (#9924) * [v2] Update urllib3 to 2.6.3 (#9971) * [V2] Create update-vpc-link.rst (#9974) Co-authored-by: Sowjanya Pandruju <sowjanya.pandruju@gmail.com> --------- Co-authored-by: Elysa Hall <elysah@amazon.com> Co-authored-by: Kenneth Daily <kdaily@amazon.com> Co-authored-by: aws-sdk-python-automation <github-aws-sdk-python-automation@amazon.com> Co-authored-by: Justin Mae <justin511@gmail.com> Co-authored-by: Steve Yoo <106777148+hssyoo@users.noreply.github.com> Co-authored-by: SamRemis <sjremis94@gmail.com> Co-authored-by: Ahmed Moustafa <35640105+aemous@users.noreply.github.com> Co-authored-by: Adrian D. <101290859+adev-code@users.noreply.github.com> Co-authored-by: Sasanka Mouli Veleti <mouli20774@gmail.com> Co-authored-by: Sasanka Mouli Subrahmanya Sri Veleti <sveleti@amazon.com> Co-authored-by: Alex Shovlin <shovlia@amazon.com> Co-authored-by: laiqmuhh <laiqmuhh@amazon.com> Co-authored-by: jutyler1 <jutyler@amazon.com> Co-authored-by: Adnan Khan <AdnaneKhan@users.noreply.github.com> Co-authored-by: jonathan343 <43360731+jonathan343@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Sowjanya Pandruju <sowjanya.pandruju@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available: #9869
Description of changes:
This adds a prompt toaws loginto warn users when running it for a profile that already has a different style of credentials:This now prevents the user from proceeding if the profile already has existing credentials.
This should help avoid the confusing case where you run
aws loginbut subsequent commands are still using different credentials.I did not add support for clearing the other style of credentials yet. For access keys there wouldn't be an easy way to undo or retrieve them if we just delete them from the
credentialsfile, so I'd want to be more careful here. If we get feedback, we could expand in the future.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.