Created
February 15, 2019 15:14
-
-
Save ivankelly/8a1becfce7d6428d1a2c6fd0a0f3710b to your computer and use it in GitHub Desktop.
turn role info in env variables.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
which jq > /dev/null | |
if [ $? != 0 ]; then | |
echo "You need to install jq for this to work" | |
exit 1 | |
fi | |
which aws > /dev/null | |
if [ $? != 0 ]; then | |
echo "You need to install awscli for any of this to work" | |
exit 1 | |
fi | |
usage() { | |
echo "Usage: $0 -r ROLE_ARN -s SESSION_NAME" | |
exit 1 | |
} | |
while getopts "r:s:" o; do | |
case "${o}" in | |
r) | |
ROLE_ARN=${OPTARG} | |
;; | |
s) | |
SESSION_NAME=${OPTARG} | |
;; | |
*) | |
usage | |
;; | |
esac | |
done | |
if [ -z "$ROLE_ARN" ] || [ -z "$SESSION_NAME" ]; then | |
usage | |
fi | |
unset AWS_ACCESS_KEY_ID | |
unset AWS_SECRET_ACCESS_KEY | |
unset AWS_SESSION_TOKEN | |
OUTFILE="$SESSION_NAME.env" | |
aws sts assume-role --role-arn "$ROLE_ARN" --role-session-name "$SESSION_NAME" | \ | |
jq -r '"export AWS_ACCESS_KEY_ID=\(.Credentials.AccessKeyId)\nexport AWS_SECRET_ACCESS_KEY=\(.Credentials.SecretAccessKey)\nexport AWS_SESSION_TOKEN=\(.Credentials.SessionToken)"' \ | |
| tee $OUTFILE | |
echo "'source $OUTFILE' to assume the role." >&2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment