@anniejw6
Forked from mick/alias.sh
Last active January 3, 2020 21:29
mfa for aws cli
  • Install AWS CLI version 1: https://docs.aws.amazon.com/cli/latest/userguide/install-cliv1.html
  • Run aws configure once installed
  • Put alias.sh, mfa.cfg, and mfa.sh in ~/.aws/
  • Modify mfa.cfg with the MFA device ID located on the same page as (and directly below) where you found your AWS access and secret key
  • Add source ~/.aws/alias.sh in .bashrc or .zshrc
  • Source your .bashrc or .zshrc
  • Run awsmfa followed by your MFA code, e.g., awsmfa 111111
  • You should be all set up
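#!/bin/bash
# alias.sh: source this file from .bashrc or .zshrc.
awsmfa() {
    # Usage: awsmfa <MFA_TOKEN_CODE> [AWS_CLI_PROFILE]
    # Load the credentials only if mfa.sh succeeded, so a failed run
    # does not re-export whatever an earlier run left in token_file.
    if ~/.aws/mfa.sh "$@"; then
        source ~/.aws/token_file
        echo "Your creds have been set in your env."
    fi
}
# Short alias for the function above.
alias mfa=awsmfa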
# mfa.cfg: one line per AWS CLI profile, <profile>="<MFA device ARN>"
default="arn:aws:iam::123123123123:mfa/username"
#!/bin/bash
#
# mfa.sh: sample for getting a temp session token from AWS STS
#
# aws --profile youriamuser sts get-session-token --duration-seconds 3600 \
#   --serial-number arn:aws:iam::012345678901:mfa/user --token-code 012345
#
# Once the temp token is obtained, you'll need to feed the following environment
# variables to the aws-cli:
#
# export AWS_ACCESS_KEY_ID='KEY'
# export AWS_SECRET_ACCESS_KEY='SECRET'
# export AWS_SESSION_TOKEN='TOKEN'

# Make the final pipeline fail when aws fails, not only when awk fails.
set -o pipefail

if ! command -v aws >/dev/null 2>&1; then
    echo "AWS CLI is not installed; exiting"
    exit 1
fi

# 1 or 2 args ok
if [[ $# -ne 1 && $# -ne 2 ]]; then
    echo "Usage: $0 <MFA_TOKEN_CODE> [AWS_CLI_PROFILE]"
    echo "Where:"
    echo " <MFA_TOKEN_CODE> = Code from virtual MFA device"
    echo " [AWS_CLI_PROFILE] = aws-cli profile usually in $HOME/.aws/config"
    exit 2
fi

#echo "Reading config..."
if [ ! -r ~/.aws/mfa.cfg ]; then
    echo "No config found. Please create your mfa.cfg. See README.txt for more info."
    exit 2
fi

AWS_CLI_PROFILE=${2:-default}
MFA_TOKEN_CODE=$1
# Match the whole profile name up to '=', so "dev" does not also match "dev2".
ARN_OF_MFA=$(grep "^$AWS_CLI_PROFILE=" ~/.aws/mfa.cfg | head -n 1 | cut -d '=' -f2- | tr -d '"')
if [ -z "$ARN_OF_MFA" ]; then
    echo "No MFA device ARN for profile '$AWS_CLI_PROFILE' in ~/.aws/mfa.cfg"
    exit 2
fi

# echo "AWS-CLI Profile: $AWS_CLI_PROFILE"
# echo "MFA ARN: $ARN_OF_MFA"
# echo "MFA Token Code: $MFA_TOKEN_CODE"
#echo "Your Temporary Creds:"

# token_file holds live credentials: keep it readable by the owner only.
umask 077
touch ~/.aws/token_file && chmod 600 ~/.aws/token_file

# With --output text the fields are:
# CREDENTIALS AccessKeyId Expiration SecretAccessKey SessionToken
aws --profile "$AWS_CLI_PROFILE" sts get-session-token --duration-seconds 129600 \
    --serial-number "$ARN_OF_MFA" --token-code "$MFA_TOKEN_CODE" --output text \
    | awk '{printf("export AWS_ACCESS_KEY_ID=\"%s\"\nexport AWS_SECRET_ACCESS_KEY=\"%s\"\nexport AWS_SESSION_TOKEN=\"%s\"\nexport AWS_SECURITY_TOKEN=\"%s\"\n",$2,$4,$5,$5)}' > ~/.aws/token_file
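Because awsmfa sources ~/.aws/token_file into the interactive shell, every line in that file runs as shell code. The following is an added example, not part of the original gist: `check_token_file` and `write_sample_token_file` are hypothetical helper names, the allowed value characters are an assumption, and the sample values are constructed.

```shell
#!/bin/sh
# Added example (not from the gist): validate token_file before sourcing it.

# The only line shape mfa.sh's awk command is expected to write.
# Assumption: key and token values use only base64-style characters.
TOKEN_LINE_RE='^export AWS_(ACCESS_KEY_ID|SECRET_ACCESS_KEY|SESSION_TOKEN|SECURITY_TOKEN)="[A-Za-z0-9+/=]+"$'

check_token_file() {
    f=$1
    # Must be a regular file, not a symlink pointing somewhere else.
    if [ ! -f "$f" ] || [ -L "$f" ]; then
        echo "reject: $f is missing or not a regular file" >&2; return 1
    fi
    # Group/other bits (characters 5-10 of the ls mode string) must be clear.
    if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
        echo "reject: $f is accessible to group or others" >&2; return 1
    fi
    # Any line outside the expected shape would execute when sourced.
    if grep -Evq "$TOKEN_LINE_RE" "$f"; then
        echo "reject: $f contains unexpected lines" >&2; return 1
    fi
    # Each variable must appear exactly once (an empty file fails here).
    for v in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SECURITY_TOKEN; do
        n=$(grep -c "^export $v=" "$f" || true)
        if [ "$n" -ne 1 ]; then
            echo "reject: $v appears $n times in $f" >&2; return 1
        fi
    done
    return 0
}

# Constructed sample: a token_file-shaped file with made-up values.
write_sample_token_file() {
    ( umask 077
      { printf 'export AWS_ACCESS_KEY_ID="%s"\n' 'ASIAEXAMPLEEXAMPLE00'
        printf 'export AWS_SECRET_ACCESS_KEY="%s"\n' 'c2FtcGxlLXNlY3JldC1ub3QtcmVhbA=='
        printf 'export AWS_SESSION_TOKEN="%s"\n' 'Y29uc3RydWN0ZWQtc2Vzc2lvbi10b2tlbg=='
        printf 'export AWS_SECURITY_TOKEN="%s"\n' 'Y29uc3RydWN0ZWQtc2Vzc2lvbi10b2tlbg=='
      } > "$1" )
}

# Demo on the constructed file only; nothing under ~/.aws is touched.
demo_dir=$(mktemp -d)
write_sample_token_file "$demo_dir/token_file"
check_token_file "$demo_dir/token_file" && echo "ok to source"
rm -rf "$demo_dir"
```

In awsmfa the check would sit between the mfa.sh call and the `source` line, for example `check_token_file ~/.aws/token_file && source ~/.aws/token_file`.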