Created
October 26, 2019 01:17
-
-
Save Riebart/19be998c38ccf1e1d0703808210cca65 to your computer and use it in GitHub Desktop.
Collection of bashrc contents that makes it a bit easier to work across accounts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# For non-256 colour terminals | |
#PS1='\[\e]0;\w\a\]\n\[\e[00;35m\]${AWS_PROFILE}$([ "$AWS_PROFILE" == "" ] && echo -n "" || echo -n " ")' | |
# The default region, if set | |
PS1=$PS1'\[\033[38;5;92m\]${AWS_DEFAULT_REGION}$([ "$AWS_DEFAULT_REGION" == "" ] || echo -n " ")' | |
# The AWS profile | |
PS1=$PS1'\[\e]0;\w\a\]\[\033[38;5;208m\]${AWS_PROFILE}$([ "$AWS_PROFILE" == "" ] || echo -n " ")' | |
# The existence of environment variables | |
PS1=$PS1'\[\e]0;\w\a\]\[\033[38;5;136m\]$([ "$AWS_ACCESS_KEY_ID" != "" ] && echo -n "+ENV-`echo ${AWS_ACCESS_KEY_ID} | tail -c4` ")' | |
# The time to expiration of the environment variable credentials | |
PS1=$PS1'\[\e]0;\w\a\]\[\033[38;5;136m\]$([ "$AWS_EXPIRATION" != "" ] && date -u -d "0001-01-01 00:00:00 UTC + $[`date -d $AWS_EXPIRATION +%s`-`date -u +%s`] second" +-%H:%M:%S | tr "\n" " ")' | |
# Alias to clear any explicit credential material in the env | |
alias awsclr='unset AWS_ACCESS_KEY_ID && unset AWS_SECRET_ACCCESS_KEY && unset AWS_SESSION_TOKEN' | |
# A helper function to assume a role using the current profile or credentials, and spit out the credentials to be inserted into the env | |
# | |
# Example Usage: source <(aws-role-env arn:aws:iam::123456789012:role/OrganizationAccountAccessRole $[3600*12] arn:aws:iam::123456789012:mfa/MyUser 123456) | |
function aws-role-env { | |
aws sts assume-role --duration-seconds $(if [ "$2" == "" ]; then echo "3600"; else echo "$2"; fi) $(if [ "$3" == "" ]; then echo ""; else echo --serial-number "$3" --token-code "$4"; fi) --role-arn "$1" --role-session-name `hostname`-`date +%FT%T%z | tr ':' '-'`-`uuidgen | head -c 16` | jq -r '.Credentials | ["ACCESS_KEY_ID="+(.AccessKeyId), "SECRET_ACCESS_KEY="+(.SecretAccessKey), "SESSION_TOKEN="+(.SessionToken), "EXPIRATION="+(.Expiration)] | map("export AWS_"+.)[]' | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment