Skip to content

Instantly share code, notes, and snippets.

@ese
Created November 12, 2019 11:42
Show Gist options
  • Save ese/b906962e7611eaba9ccae7d1b07ca323 to your computer and use it in GitHub Desktop.
Save ese/b906962e7611eaba9ccae7d1b07ca323 to your computer and use it in GitHub Desktop.
#!/bin/bash
#
# Retrieve temporal credentials with MFA from awscli
#
#
# Usage . ./awslogin.sh 2FA_TOKEN
#
AWS_ACCOUNT_ID="123456"
AWS_USERNAME="usuario"
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
unset AWS_SESSION_TOKEN
# Personal AWS keys
export AWS_ACCESS_KEY_ID="XXXXXXXXXXXXXXXX"
export AWS_SECRET_ACCESS_KEY="YYYYYYYYYYYYYYYYYYYYYYYYYYYY"
certjson=$( aws sts get-session-token --output json --duration-seconds 3600 --serial-number arn:aws:iam::${AWS_ACCOUNT_ID}:mfa/${AWS_USERNAME} --token-code $1)
export AWS_SECRET_ACCESS_KEY=$( echo $certjson | jq -r .Credentials.SecretAccessKey )
export AWS_ACCESS_KEY_ID=$( echo $certjson | jq -r .Credentials.AccessKeyId )
export AWS_SESSION_TOKEN=$( echo $certjson | jq -r .Credentials.SessionToken )
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment