Using the AWS CLI for various credential related activities

awscli.md

awscli

Using an assumed role credentials with environment variables

# Clear any existing ENV credentials
unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
# Assumed the specified role and export the required values
KEYS=$(aws sts assume-role --role-arn $AWS_ROLE_ARN \
  --role-session-name testing --duration 900); \
  export AWS_ACCESS_KEY_ID=$(echo $KEYS | jq -cr .Credentials.AccessKeyId) && \
  export AWS_SECRET_ACCESS_KEY=$(echo $KEYS | jq -cr .Credentials.SecretAccessKey) && \
  export AWS_SESSION_TOKEN=$(echo $KEYS | jq -cr .Credentials.SessionToken) && \
  echo $AWS_ACCESS_KEY_ID
# Show the caller of the set ENVs/credentials
aws sts get-caller-identity