add details on README.srt file for using aws keys in environment vari…

…ables Signed-off-by: Norman Santiago <nsantiago2719@gmail.com>
getsops · Sep 6, 2023 · 3f88a6e · 3f88a6e
1 parent 7b3a032
commit 3f88a6e
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/README.rst b/README.rst
@@ -64,7 +64,7 @@ recommended to use at least two master keys in different regions.
 
 	export SOPS_KMS_ARN="arn:aws:kms:us-east-1:656532927350:key/920aff2e-c5f1-4040-943a-047fa387b27e,arn:aws:kms:ap-southeast-1:656532927350:key/9006a8aa-0fa6-4c14-930e-a2dfb916de1d"
 
-Your AWS credentials must be present in ``~/.aws/credentials``. sops uses aws-sdk-go.
+Your AWS credentials must be present in ``~/.aws/credentials`` if you are using AWS profiles. sops uses aws-sdk-go.
 
 .. code::
 
@@ -73,6 +73,12 @@ Your AWS credentials must be present in ``~/.aws/credentials``. sops uses aws-sd
 	aws_access_key_id = AKI.....
 	aws_secret_access_key = mw......
 
+On the other hand you can also declare the AWS_ACCESS_KEY_ID and AWS_SECRET_KEY in your environment variables and sops will also automatically read it as mentioned in the issue `#432 <https://github.com/getsops/sops/issues/432>`_
+
+.. code:: bash
+export AWS_ACCESS_KEY_ID="AKI......"
+export AWS_SECRET_ACCESS_KEY="mw......"
+
 If you want to use PGP, export the fingerprints of the public keys, comma
 separated, in the **SOPS_PGP_FP** env variable.