masami256/setup_aws_mfa.sh

## setup_aws_mfa.sh
#!/bin/bash

# Before run this script, get authengication token via google authenticator app or other tool
if [ $# != 1 ]; then
    echo "usage: $0 [token]"
    exit 1
fi

tokencode=$1

which jq >/dev/null 2>&1
if [ $? != 0 ]; then
    echo "jq command is required"
    exit 1
fi

if [ "${MFA_AWS_DEVICE_ARN}" = "" ]; then
    echo "please set MFA device's arn to MFA_AWS_DEVICE_ARN"
    exit 1
fi

tmpfile=$(mktemp)
aws sts get-session-token --serial-number "${MFA_AWS_DEVICE_ARN}" --token-code "${tokencode}" > ${tmpfile}

if [ $? = 0 ]; then
    echo "Please run following command."
    echo "export AWS_ACCESS_KEY_ID=$(jq '.Credentials.AccessKeyId'  ${tmpfile})"
    echo "export AWS_SECRET_ACCESS_KEY=$(jq '.Credentials.SecretAccessKey'  ${tmpfile})"
    echo "export AWS_SESSION_TOKEN=$(jq '.Credentials.SessionToken'  ${tmpfile})"
else
    echo "failed to get session"
fi

rm -f ${tmpfile}
	#!/bin/bash

	# Before run this script, get authengication token via google authenticator app or other tool
	if [ $# != 1 ]; then
	echo "usage: $0 [token]"
	exit 1
	fi

	tokencode=$1

	which jq >/dev/null 2>&1
	if [ $? != 0 ]; then
	echo "jq command is required"
	exit 1
	fi

	if [ "${MFA_AWS_DEVICE_ARN}" = "" ]; then
	echo "please set MFA device's arn to MFA_AWS_DEVICE_ARN"
	exit 1
	fi

	tmpfile=$(mktemp)
	aws sts get-session-token --serial-number "${MFA_AWS_DEVICE_ARN}" --token-code "${tokencode}" > ${tmpfile}

	if [ $? = 0 ]; then
	echo "Please run following command."
	echo "export AWS_ACCESS_KEY_ID=$(jq '.Credentials.AccessKeyId' ${tmpfile})"
	echo "export AWS_SECRET_ACCESS_KEY=$(jq '.Credentials.SecretAccessKey' ${tmpfile})"
	echo "export AWS_SESSION_TOKEN=$(jq '.Credentials.SessionToken' ${tmpfile})"
	else
	echo "failed to get session"
	fi

	rm -f ${tmpfile}