There seems to have been a number of issues surrounding our use of AWS profiles:
Storing the AWS Profile in the encrypted file breaks expectations because it cannot be decrypted on systems where that profile doesn't exist. This is very different from how folks are used to interacting with AWS.
I'd propose that we deprecate storing the aws profile within the key and instead require users to pass --aws-profile every time they want to use an AWS profile.
There seems to have been a number of issues surrounding our use of AWS profiles:
--kms,--aws-profileoptions when decryption #471Storing the AWS Profile in the encrypted file breaks expectations because it cannot be decrypted on systems where that profile doesn't exist. This is very different from how folks are used to interacting with AWS.
I'd propose that we deprecate storing the aws profile within the key and instead require users to pass
--aws-profileevery time they want to use an AWS profile.