Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Easily access AWS credentials stored in a central config file
branch: master



We all know it's good practice to rotate your AWS credentials. But it's a pain when you need to update config files in six different apps every time you rotate.

AWSCredentials is here to make your life easier.

Put a YAML file up on your server at /etc/aws.conf that contains

access_key: your-access-key
secret_access_key: your-secret-access-key

In your code

require 'aws_credentials'

and then check


to retrieve the credentials.

When you rotate your keys, update /etc/aws.conf, restart your applications, and everything should be up-to-date.

Multiple credential sets

If you have a separate set of credentials for staging, you can set

AWSCredentials.environment = :staging

Credentials will be read from '/etc/aws.staging.conf'.

This convention works with any environment name.

You can also ask for specific credentials, for example


Rails/Rack integration

To avoid needless AWSCredentials.envrionment sets in Rails, envrionment defaults to RAILS/RACK_ENV environmental variables.

So, in staging, your app will try to read config from


You're always welcome to set environment or config_path in the environment files to override.

Other config layouts

If want to store your AWS keys in a different file, you can set

AWSCredentials.config_path = '/some/other/path'

to pick up the YAML file from a different location.


Copyright © 2009 Ben Koski. See LICENSE for details.

Something went wrong with that request. Please try again.