Assume role using the AWS cli and add creds to a profile for use in other commands.

aws-assume-role.sh

#!/bin/bash

ROLE_ARN="$1"
AWS_PROFILE="$2"
ROLE_JSON="$(aws sts assume-role --role-arn ${ROLE_ARN} --role-session-name ${AWS_PROFILE}-deploy)"

SECRETKEYREGEX='"SecretAccessKey": "([^"]*)"'
ACCESSKEYREGEX='"AccessKeyId": "([^"]*)"'
TOKENREGEX='"SessionToken": "([^"]*)"'

if [[ $ROLE_JSON =~ $SECRETKEYREGEX ]]
then
    AWS_SECRET_ACCESS_KEY=${BASH_REMATCH[1]}
else
    echo "No secret yo"
    exit 1
fi

if [[ $ROLE_JSON =~ $ACCESSKEYREGEX ]]
then
    AWS_ACCESS_KEY_ID=${BASH_REMATCH[1]}
else
    echo "No access key yo"
    exit 1
fi

if [[ $ROLE_JSON =~ $TOKENREGEX ]]
then
    AWS_SESSION_TOKEN=${BASH_REMATCH[1]}
else
    echo "No token yo"
    exit 1
fi

aws configure set aws_access_key_id ${AWS_ACCESS_KEY_ID} --profile ${AWS_PROFILE}
aws configure set aws_secret_access_key ${AWS_SECRET_ACCESS_KEY} --profile ${AWS_PROFILE}
aws configure set aws_session_token ${AWS_SESSION_TOKEN} --profile ${AWS_PROFILE}