In the non-interactive credential configuration process, you must specify the authentication information required for the corresponding credential, in addition to the configuration name and credential type. This configuration method directly changes the content of the configuration file and does not verify the validity of the credential.

Overview

Non-interactive configuration uses the set sub-command under the configure command to configure credentials. The command format is as follows:
aliyun configure set [--profile <profileName>] [--region <regionId>] ... [credential options]
Note The credential option is required for credential configuration. When you configure a credential type, only the options required for this credential type are used.
Common options are as follows, which apply to all credential types:
  • --profile(required): Specifiy the configuration name. If the specified configuration exists, modify the configuration. If it does not exist, you must create a configuration.
  • --region(required): Specify the RegionId of the default region. RegionId supported by Alibaba Cloud. For more information, see Regions and zones.
  • --language: Specify the language displayed by Alibaba Cloud CLI. The default value is English.
  • --mode: Specify the configured credential type. The default value is AK.
    Note You can create and view your AccessKey on the AccessKey page of the Alibaba Cloud console, or obtain the AccessKey from your system administrator.

Configure AccessKey credential

In addition to the required options, you must specify the following options for the AccessKey credential type:
  • --access-key-id: Specify your AccessKey ID.
  • --access-key-secret: Specify your AccessKey Secret.
The following command configures an AccessKey credential named akProfile.
aliyun configure set \
  --profile akProfile \
  --mode AK \
  --region cn-hangzhou \
  --access-key-id AccessKeyID \
  --access-key-secret AccessKeySecret

Configure STS token credential

In addition to the required options, you must specify the following options for the STS Token credential type:
  • --access-key-id: Specify your AccessKey ID.
  • --access-key-secret: Specify your AccessKey Secret.
  • --mode StsToken: Specify the credential type as StsToken.
  • --sts-token: Specify the information required for StsToken authentication.
The following command configures an StsToken credential named stsTokenProfile:
aliyun configure set \
  --profile stsTokenProfile \
  --mode StsToken \
  --region cn-hangzhou \
  --access-key-id AccessKeyID \
  --access-key-secret AccessKeySecret \
  --sts-token StsToken

Configure RamRoleArn credential

In addition to the required options, you must specify the following options for the RamRoleArn credential type:
  • --access-key-id: Specify your AccessKey ID.
  • --access-key-secret: Specify your AccessKey Secret.
  • --mode RamRoleArn: Specify the credential type as RamRoleArn.
  • --ram-role-arn: Specify the information required for RamRoleArn authentication.
  • --role-session-name: Specify your RoleSessionName.
The following command configures a RamRoleArn credential named ramRoleArnProfile:
aliyun configure set \
  --profile ramRoleArnProfile \
  --mode RamRoleArn \
  --region cn-hangzhou \
  --access-key-id AccessKeyID \
  --access-key-secret AccessKeySecret \
  --ram-role-arn RamRoleArn \
  --role-session-name RoleSessionName

Configure EcsRamRole credential

In addition to the required options, you must specify the role bound to your ECS instance with --ram-role-name option for the EcsRamRole credential type. The following command configures an EcsRamRole credential named ecsRamRoleProfile:
aliyun configure set \ 
  --profile ecsRamRoleProfile \
  --mode EcsRamRole \
  --ram-role-name RoleName \
  --region cn-hangzhou