Skip to content

Instantly share code, notes, and snippets.

@gene1wood

gene1wood/assume-role.bash

Last active April 11, 2024 17:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save gene1wood/babf83ef7d638e038deda7be28ba40ab to your computer and use it in GitHub Desktop.
Save gene1wood/babf83ef7d638e038deda7be28ba40ab to your computer and use it in GitHub Desktop.
Download ZIP
One liner to assume an AWS IAM role and set environment variables to use the resulting STS credentials
Raw
assume-role.bash
#!/bin/bash -x
# Session duration
# DURATION=43200
DURATION=3600
unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
if ! sts=( $(
aws sts assume-role \
--duration-seconds "$DURATION" \
--role-arn $1 \
--role-session-name gene \
--query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
--output text
) ); then
exit 1
fi
echo "export AWS_ACCESS_KEY_ID=${sts[0]} AWS_SECRET_ACCESS_KEY=${sts[1]} AWS_SESSION_TOKEN=${sts[2]}"
Raw
how-to-call.bash
$(assume-role.bash arn:aws:iam::123456789012:role/example-role)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment