Last active
June 17, 2020 14:09
-
-
Save christianromney/396877f7916d6e67f432485f4d169eef to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # DESCRIPTION | |
| # utility to aid in the setup of temporary AWS assumed role credentials | |
| # | |
| # USAGE | |
| # pipe the output of aws sts assume-role to this script and redirect the output | |
| # to append the temporary credentials to your $HOME/.aws/credentials | |
| # | |
| # you may supply a profile name as an argument. if you do not, then one is generated | |
| # for you from the current time. | |
| # | |
| # EXAMPLE | |
| # aws sts assume-role --role-arn arn:aws:iam::000987654321:role/some-assumed-role \ | |
| # --role-session-name iam-pw-reset-aws-cli \ | |
| # --serial-number arn:aws:iam::123456789000:mfa/YourName \ | |
| # --token-code 123456 | |
| # --profile some-profile | format-aws-credential.sh assumed-profile-name >> ~/.aws/credentials | |
| STDIN=$(cat) | |
| ACCESS_KEY=$(echo $STDIN | jq -r '.Credentials.AccessKeyId') | |
| SECRET_KEY=$(echo $STDIN | jq -r '.Credentials.SecretAccessKey') | |
| SESSION=$(echo $STDIN | jq -r '.Credentials.SessionToken') | |
| DEFAULT_PROFILE=$(date +"temp-%Y%m%d%H%M%S") | |
| PROFILE="${1:-$DEFAULT_PROFILE}" | |
| cat <<-EOF | |
| [$PROFILE] | |
| aws_access_key_id = $ACCESS_KEY | |
| aws_secret_access_key = $SECRET_KEY | |
| aws_session_token = $SESSION | |
| EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment