Skip to content

Instantly share code, notes, and snippets.

View ethanculler's full-sized avatar

Ethan Culler-Mayeno ethanculler

  • Evidation Health
  • Santa Barbara, CA
View GitHub Profile
@brianredbeard
brianredbeard / get_token.md
Last active October 3, 2022 02:18
aws, sts, and bash

About

AWS provides a mechanism for temporarily assuming another role within their API system. While it is not a technically hard process it can be convoluted and hard to understand. This document aims to both make it easier to follow along with as well as give an in depth explanation of some of the underpinnings of the Bourne Again Shell (aka BASH) which can make this easier to utilize on a day to day basis.

Explanation

Below is an overexplained version of the following process:

  1. Using credentials stored in ~/.aws/credentials as a "profile" which are then understood by the AWS command line tools
  2. Using those AWS credentials, temporarily assume a role using the AWS Security Token Service (STS) to get temporary