I tore apart three scripts today because the wrong AWS profile ran in production.
If you’ve ever switched between AWS accounts, you know the danger. You set an environment variable. You run a command. You forget to switch back. Then the damage is done. The fix is simple: use AWS CLI–style profiles in your shell scripts. No guessing, no second-guessing.
AWS CLI profiles separate credentials and settings for each account. They keep secrets out of your code. They let you move from dev to staging to prod without rewriting commands. They make scripts predictable.
First, create named profiles in your AWS config:
aws configure --profile dev
aws configure --profile staging
aws configure --profile prod
This writes to ~/.aws/config and ~/.aws/credentials. Each profile has its own keys and default region.
Then, in your scripts, point commands to the right profile:
aws s3 ls --profile dev
aws ec2 describe-instances --profile staging
aws lambda update-function-code \
--function-name my-func \
--zip-file fileb://code.zip \
--profile prod
No reliance on AWS_PROFILE environment variables. No bleed between shell sessions. Each command is explicit. This works anywhere the AWS CLI runs.
If you want default safety, add a guard at the start of your script:
PROFILE="$1"
if [ -z "$PROFILE"]; then
echo "Usage: $0 <profile>"
exit 1
fi
Then run:
./deploy.sh dev
./deploy.sh prod
Inside the script, call:
aws s3 sync ./build s3://my-bucket --profile "$PROFILE"
Shell scripting with AWS CLI–style profiles enforces precision. You run the right commands against the right accounts. Testing becomes cleaner. Deployments become safer.
The fastest way to see this discipline in action is to connect with a platform that lets you define, swap, and run profiles instantly. Try it with hoop.dev and watch your scripts run live in minutes.