AWS Assume-Role requiring only aws-cli and jq
git clone https://gist.github.com/80306011bb5da80c765ffd6aa2ecf89b.git arole
ln -s "$PWD/arole/arole" /usr/local/bin
After completing the two commands above, append the following to your ~/.bash_profile:
cat >> ~/.bash_profile <<EOF
[[ -f /usr/local/bin/arole ]] && source /usr/local/bin/arole
EOF
Functions run in your interactive shell can modify the environment of that shell. Because of this, I suggest using it this way:
arole dev
Because child processes cannot modify the environment of their parent, you must eval
the output of the executable.
eval "$(arole dev)"
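Because eval runs whatever the executable prints, a wrapper function can first check that every line is a plain AWS_* export. This is an added example, not part of the arole script; the names arole_exports_ok and arole_load and the set of allowed value characters are assumptions.

```shell
#!/bin/sh
# Added example (not from the arole gist): check credential export lines
# before handing them to eval.

# Succeeds only if every line of $1 has the exact form
#   export AWS_NAME="value"
# where value contains no quotes, spaces, '$', backticks or ';'.
# The allowed character set is an assumption based on the mock output.
arole_exports_ok() {
    # grep -v selects lines that do NOT match; any such line is a rejection.
    if printf '%s\n' "$1" |
        LC_ALL=C grep -Evq '^export AWS_[A-Z_]+="[A-Za-z0-9+/=:.,@_-]*"$'
    then
        return 1
    fi
    return 0
}

# Evaluate the export lines in the current shell, but only after validation.
# Must be a function: a child process could not change this shell's environment.
arole_load() {
    if arole_exports_ok "$1"; then
        eval "$1"
    else
        echo "arole_load: unexpected output, not evaluating" >&2
        return 1
    fi
}

# Constructed sample shaped like the MOCK_AWS output (placeholder values).
sample='export AWS_ASSUMED_ROLE_ACCOUNT="dev"
export AWS_EXPIRATION="2019-11-01T00:00:00Z"'
arole_load "$sample" && echo "loaded; expires $AWS_EXPIRATION"
```

Call it as arole_load "$(arole dev)"; piping into the function would run it in a subshell in bash, and the exports would be lost.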
The script has its own mock function within it. It can be used for testing by setting the MOCK_AWS
environment variable.
$ MOCK_AWS=1 ./assrole dev
export AWS_ASSUMED_ROLE_ACCOUNT_ID="485548554855"
export AWS_ASSUMED_ROLE_ACCOUNT="dev"
export AWS_ASSUMED_ROLE_ID="AROAIWL33TL33TL33TL33:brunobronosky"
export AWS_ASSUMED_ROLE_ARN="arn:aws:sts::485548554855:assumed-role/allow-full-access-from-other-accounts/brunobronosky"
export AWS_SECRET_ACCESS_KEY="L33TL33TL33TL33TL33TL33TL33TL33TL33TL33T"
export AWS_SESSION_TOKEN="L33TL33TL33TEI///////////L33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33Tm9/TL33TL33TL33TL33T/TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33Tz9/TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TS/TL33TL33TL33TL33TL33TL33TL33TL33TL33T/TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33TL33Tos/TL33TL33TL33TL33TL33TL33TL33T/A=="
export AWS_EXPIRATION="2019-11-01T00:00:00Z"
export AWS_ACCESS_KEY_ID="ASIAL33TL33TL33TL33T"