aws tools

aws2fa.sh

#!/bin/bash

if [[ -z ${MFA_DEVICE} ]]; then echo 'MFA_DEVICE is required'; exit -1; else echo 'MFA_DEVICE found'; fi
if [[ -z ${AWS_ACCESS_KEY_ID} ]]; then echo 'AWS_ACCESS_KEY_ID is required'; exit -1; else echo 'AWS_ACCESS_KEY_ID found'; fi
if [[ -z ${AWS_SECRET_ACCESS_KEY} ]]; then echo 'AWS_SECRET_ACCESS_KEY is required'; exit -1; else echo 'AWS_SECRET_ACCESS_KEY found'; fi

function aws_auth {
   CODE=$1
   RESPONSE=$2
   unset AWS_SESSION_TOKEN
   echo 'authentication using code: ' $CODE ' with registered device: ' $MFA_DEVICE
   RESPONSE=`aws sts get-session-token --serial-number $MFA_DEVICE --token-code $CODE`
}

echo 'enter MFA code: '
read CODE

# authenticate using code
RESPONSE=''
aws_auth $CODE RESPONSE

# get tocken
export AWS_SESSION_TOKEN=`echo $RESPONSE | jq -r .Credentials.SessionToken`
export AWS_ACCESS_KEY_ID=`echo $RESPONSE | jq -r .Credentials.AccessKeyId`
export AWS_SECRET_ACCESS_KEY=`echo $RESPONSE | jq -r .Credentials.SecretAccessKey`

echo 'session token: ' $AWS_SESSION_TOKEN
echo 'access key: ' $AWS_ACCESS_KEY_ID
echo 'secret key: ' $AWS_SECRET_ACCESS_KEY