AWS provides a mechanism for temporarily assuming another role within their API system. While it is not a technically hard process it can be convoluted and hard to understand. This document aims to both make it easier to follow along with as well as give an in depth explanation of some of the underpinnings of the Bourne Again Shell (aka BASH) which can make this easier to utilize on a day to day basis.
Below is an overexplained version of the following process:
- Using credentials stored in
~/.aws/credentialsas a "profile" which are then understood by the AWS command line tools - Using those AWS credentials, temporarily assume a role using the AWS Security Token Service (STS) to get temporary