@alpham
Last active March 2, 2023 09:54
Log in using the `$ aws sts assume-role` command and export the credentials to the shell environment
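# Set PATH, MANPATH, etc., for Homebrew.
# The output of `brew shellenv` is evaluated as shell code in the login shell,
# so only do that when the binary exists at the expected path and is
# executable; on a machine without Homebrew there, skip it silently.
if [ -x /opt/homebrew/bin/brew ]; then
  eval "$(/opt/homebrew/bin/brew shellenv)"
fi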
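function assume_aws_role() {
  # Assume an AWS IAM role with `aws sts assume-role` and export the temporary
  # credentials into the current shell.
  #
  # Options:
  #   -a, --account-id    account that owns the role (required)
  #   -r, --role-name     role to assume (required)
  #   -s, --session-name  role session name (required)
  #   -p, --profile       AWS CLI profile to call STS with (optional)
  #   -e, --external-id   external ID to send with the request (optional)
  #   -h, --help          print usage and return 0
  # Exports: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN,
  #          AWS_CREDENTIAL_EXPIRATION, AWS_ASSUMED_ROLE_ID, AWS_ASSUMED_ROLE_ARN
  # Returns: 0 on success; 1 on bad usage, a missing tool, a failed STS call or
  #          an unusable response. On failure nothing is exported, so existing
  #          AWS_* variables keep their values.
  #
  # The exported secret key and session token are inherited by every process
  # started from this shell until they are unset or the session expires.

  # Define a function to print the help message
  function print_help {
    printf '%s\n' \
      "Usage: assume_aws_role [OPTIONS]" \
      "Assumes an AWS IAM role and exports the required credentials and assumed role information as environment variables." \
      "" \
      "Options:" \
      " -a, --account-id The AWS account ID that owns the IAM role to assume." \
      " -r, --role-name The name of the IAM role to assume." \
      " -s, --session-name The name of the session to create when assuming the IAM role." \
      " -p, --profile The name of the AWS CLI profile to use." \
      " -e, --external-id The external ID to use when assuming the IAM role." \
      " -h, --help Display this help message and exit."
  }

  # Keep every option local: with globals, a profile or external ID given on
  # one call would silently be reused by the next call that omits it.
  local account_id="" role_name="" session_name="" profile="" external_id=""

  # Parse the command line arguments
  while [[ $# -gt 0 ]]; do
    case "${1}" in
      -h|--help)
        print_help
        return 0
        ;;
      -a|--account-id|-r|--role-name|-s|--session-name|-p|--profile|-e|--external-id)
        # `shift 2` fails without shifting when the value is missing, which
        # would spin this loop forever; reject the call instead.
        if [[ $# -lt 2 ]]; then
          echo "Missing value for option: ${1}" 1>&2
          print_help
          return 1
        fi
        case "${1}" in
          -a|--account-id) account_id="${2}" ;;
          -r|--role-name) role_name="${2}" ;;
          -s|--session-name) session_name="${2}" ;;
          -p|--profile) profile="${2}" ;;
          -e|--external-id) external_id="${2}" ;;
        esac
        shift 2
        ;;
      *)
        echo "Invalid option: ${1}" 1>&2
        print_help
        return 1
        ;;
    esac
  done

  # Without these three the role ARN and the request cannot be built.
  if [[ -z "${account_id}" || -z "${role_name}" || -z "${session_name}" ]]; then
    echo "Missing required option: --account-id, --role-name and --session-name are all required" 1>&2
    print_help
    return 1
  fi

  local tool
  for tool in aws jq; do
    if ! command -v "${tool}" >/dev/null 2>&1; then
      echo "assume_aws_role: required command not found: ${tool}" 1>&2
      return 1
    fi
  done

  # Build the argument list once; optional flags are appended only when set.
  local -a sts_args
  sts_args=(sts assume-role --role-arn "arn:aws:iam::${account_id}:role/${role_name}" --role-session-name "${session_name}" --output json)
  if [[ -n "${profile}" ]]; then
    sts_args+=(--profile "${profile}")
  fi
  if [[ -n "${external_id}" ]]; then
    sts_args+=(--external-id "${external_id}")
  fi

  # Assume the specified IAM role and capture the JSON output.
  # The whole response is kept (no --query 'Credentials'): AssumedRoleId and
  # Arn are under AssumedRoleUser, so filtering to Credentials loses them.
  # Without -p the CLI resolves credentials through its normal chain, which
  # includes AWS_* variables exported by an earlier call.
  local json
  if ! json=$(aws "${sts_args[@]}"); then
    echo "assume_aws_role: aws sts assume-role failed; environment left unchanged" 1>&2
    return 1
  fi

  # Refuse to export anything unless all three credential parts are present.
  if ! printf '%s' "${json}" |
    jq -e '.Credentials | (.AccessKeyId and .SecretAccessKey and .SessionToken)' >/dev/null 2>&1; then
    echo "assume_aws_role: response did not contain usable credentials; environment left unchanged" 1>&2
    return 1
  fi

  # Extract the credentials and assumed role information from the JSON output
  local access_key_id secret_access_key session_token expiration role_id role_arn
  access_key_id=$(printf '%s' "${json}" | jq -r '.Credentials.AccessKeyId')
  secret_access_key=$(printf '%s' "${json}" | jq -r '.Credentials.SecretAccessKey')
  session_token=$(printf '%s' "${json}" | jq -r '.Credentials.SessionToken')
  expiration=$(printf '%s' "${json}" | jq -r '.Credentials.Expiration // empty')
  role_id=$(printf '%s' "${json}" | jq -r '.AssumedRoleUser.AssumedRoleId // empty')
  role_arn=$(printf '%s' "${json}" | jq -r '.AssumedRoleUser.Arn // empty')

  # Export the credentials and assumed role information as environment variables
  export AWS_ACCESS_KEY_ID="${access_key_id}"
  export AWS_SECRET_ACCESS_KEY="${secret_access_key}"
  export AWS_SESSION_TOKEN="${session_token}"
  export AWS_CREDENTIAL_EXPIRATION="${expiration}"
  export AWS_ASSUMED_ROLE_ID="${role_id}"
  export AWS_ASSUMED_ROLE_ARN="${role_arn}"
  return 0
}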
# example usage
# assume_aws_role -a 123456789012 -r my-role -s my-session -p my-profile -e my-external-id
Author

alpham commented Mar 1, 2023

Requires aws-cli and jq to be installed.
Works perfectly if you add this function to your .zprofile or .bash_profile file.
