Skip to content

Instantly share code, notes, and snippets.

@mearns

mearns/README.md

Last active August 3, 2020 14:07
Show Gist options
  • Save mearns/a97c0fed9b60552ae04ce90ddcd3a554 to your computer and use it in GitHub Desktop.
Save mearns/a97c0fed9b60552ae04ce90ddcd3a554 to your computer and use it in GitHub Desktop.
Download ZIP
EC2 Get credentials
Raw
README.md

You can get AWS credentials from your EC2 instance using this script. However, you can't just run this, you need to source it, like:

> . get-creds.sh

And you need to have jq installed.

Use

For the AWS CLI

You can use this to authenticate for the AWS CLI. For instance, add a profile like this to your ~/.aws/config file:

[default]
region = us-east-1
role_arn = arn:aws:iam::${YOUR_AWS_ACCOUNT_ID}:role/${ROLE_NAME}
credential_source = Environment

The alernative credential_source for EC2 is Ec2InstanceMetadata.

Neptune

It will set the appropriate environment variables for connecting your gremlin-console to your IAM authenticated Neptune DB, as described here: https://docs.aws.amazon.com/neptune/latest/userguide/iam-auth-connecting-gremlin-console.html

Raw
get-creds.bash
#!/bin/bash
export SERVICE_REGION=" SET YOUR REGION HERE "
ROLE_NAME=" SET YOUR ROLE NAME HERE "
CREDS=$( curl --silent http://169.254.169.254/latest/meta-data/iam/security-credentials/$ROLE_NAME )
export AWS_ACCESS_KEY_ID=$( echo "$CREDS" | jq --raw-output ".AccessKeyId" )
export AWS_SECRET_ACCESS_KEY=$( echo "$CREDS" | jq --raw-output ".SecretAccessKey" )
export AWS_SESSION_TOKEN=$( echo "$CREDS" | jq --raw-output ".Token" )
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment