diff --git a/main.go b/main.go
index a43c622..2fb816e 100644
--- a/main.go
+++ b/main.go
@@ -20,10 +20,11 @@ var svc *ecr.ECR
 
 // RunFlag -
 type RunFlag struct {
-	Repo       string
-	KeepNum    int
-	ExcludeTag arrayFlag
-	ListRepo   bool
+	Repo        string
+	KeepNum     int
+	ExcludeTag  arrayFlag
+	ListRepo    bool
+	CertProfile string
 }
 
 type ImageArr []*ecr.ImageDetail
@@ -56,22 +57,30 @@ func init() {
 	flag.IntVar(&runFlag.KeepNum, "keep", 5, "keep number images")
 	flag.Var(&runFlag.ExcludeTag, "e", "exlude delete tag")
 	flag.BoolVar(&runFlag.ListRepo, "list-repo", false, "list all repository")
+	flag.StringVar(&runFlag.CertProfile, "profile", "", "aws config profile")
 	flag.Parse()
 }
 
 func main() {
-	accessKey := os.Getenv("AWS_ACCESS_KEY")
-	secretKey := os.Getenv("AWS_SECRET_KEY")
+	var cred *credentials.Credentials
+	_ = cred
 	region := os.Getenv("AWS_REGION")
-	if len(accessKey) == 0 || len(secretKey) == 0 {
-		log.Fatal("aws access key or secret key env not found")
-	}
 	if len(region) == 0 {
 		region = "us-east-1"
 	}
+	if len(runFlag.CertProfile) == 0 {
+		accessKey := os.Getenv("AWS_ACCESS_KEY")
+		secretKey := os.Getenv("AWS_SECRET_KEY")
+		if len(accessKey) == 0 || len(secretKey) == 0 {
+			log.Fatal("AWS_ACCESS_KEY or AWS_SECRET_KEY env not found")
+		}
+		cred = credentials.NewStaticCredentials(accessKey, secretKey, "")
+	} else {
+		cred = credentials.NewSharedCredentials("", runFlag.CertProfile)
+	}
 	conf := &aws.Config{
 		Region:      aws.String(region),
-		Credentials: credentials.NewStaticCredentials(accessKey, secretKey, ""),
+		Credentials: cred,
 	}
 	sess := session.New(conf)
 	svc = ecr.New(sess)