atmos auth exec
Run any tool (Terraform, AWS CLI, kubectl, etc.) with the right cloud identity injected automatically into the environment. Use exec when you want a one-off command to inherit secure, temporary credentials without polluting your shell session.
Exec vs Shell
Use exec for single commands or automation. Use shell for interactive sessions where you'll run multiple commands.
Usage​
atmos auth exec [--identity <name>] -- <command> [args...]
Arguments​
- command
- The program to execute with authentication environment variables set.
- args...
- Arguments to pass through to the command.
Examples​
# Run terraform with authenticated env (uses default identity)
atmos auth exec -- terraform plan -var-file=env.tfvars
# Interactively select identity
atmos auth exec --identity -- aws sts get-caller-identity
# Use a specific identity
atmos auth exec --identity prod-admin -- aws sts get-caller-identity
# Inspect env
atmos auth exec -- env | grep AWS
Flags​
--identity(alias-i)Specify the identity to use. This flag has three modes:
- With value (
--identity admin): Use the specified identity - Without value (
--identity): Show interactive selector to choose identity - Omitted: Use the default identity configured in
atmos.yaml
- With value (
Notes​
--is required to stop Atmos flag parsing; everything after is passed to the subcommand.