Wrong/old AWS IAM Users showing on aws cli


AWS CLI showing different users than 'Correct users' in AWS Cloudshell or AWS Console browser I think the AWS CLI is connected to old root account that had these users, however, i have created another Amazon root-user-account but cannot see them in aws cli. Commands used on cli (windows):

  1. 'aws configure' -> entered the new user access-key-id and secret-access-key, these updated the '.aws\credentials' and '.aws\config'
  2. 'aws iam list-users' -> list of users are not the users newly created
  3. 'aws sts get-caller-identity' -> doesn't show the new user-id

Pls inform the steps to see the IAM users created with new aws root-user-account

1 Answer
Accepted Answer


Are you running the command on your local Windows PC?
Can you confirm that the access key settings are read from the credential file when you run the command below?

aws configure list

Below is an example of the response when the command is executed.
If the type column is "env", it is read from environment variables, so please check if the environment variables of your Windows PC are set.

      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************ABCD shared-credentials-file
secret_key     ****************EDGH shared-credentials-file
    region                us-east-2      config-file    ~/.aws/config
profile picture
answered 3 months ago
  • Hi Riku, The response of the 'aws configure list' on my Windows PC Name Value Type Location ---- ----- ---- -------- profile ga****-**** env ['AWS_PROFILE', 'AWS_DEFAULT_PROFILE'] access_key ****************7YGU env secret_key ****************8DI5 env region us-east-1 env ['AWS_REGION', 'AWS_DEFAULT_REGION']

    However, these access_key and secret_key is not matching the one created with new root-user account. Looks like these are from previous aws account.

  • Thank you for confirmation. Access keys have an order in which they are loaded, and if they are set in an environment variable, they will be loaded first. In your case, the access key is read from the environment variable, so please check whether the access key is set in the environment variable of the Windows PC. If it is set as an environment variable, delete it and it will be read from the credentials file.

    Control Panel -> System and Security -> System -> Advanced System Settings -> Environment Variables
  • Hi Riku, Thanks for advice! Removing the aws access_key system environments, i can able to see the correct users

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions