Last active
July 18, 2016 09:12
-
-
Save mjiderhamn/60ac901456f664a435688e489e696726 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@ECHO OFF | |
REM See https://gist.github.com/sneak/740dfe13f81deafbef7a | |
ECHO Removing current environment variables | |
SET AWS_ACCESS_KEY_ID= | |
SET AWS_SECRET_ACCESS_KEY= | |
SET AWS_SESSION_TOKEN= | |
REM Replace ... with proper values | |
SET ROLE=... | |
SET IAMUSER=... | |
SET IAM_ACCOUNT=... | |
SET ACCOUNT=... | |
SET REGION=... | |
SET ROLEARN=arn:aws:iam::%ACCOUNT%:role/%ROLE% | |
SET MFAARN=arn:aws:iam::%IAM_ACCOUNT%:mfa/%IAMUSER% | |
SET TEMP_FILE=%TEMP%\aws_assume_role.txt | |
SET /P MFACODE=Enter MFA token: | |
FOR /F "tokens=2-4 skip=3" %%i IN ('aws --output table --query Credentials^ | |
--region %REGION% sts assume-role ^ | |
--role-arn %ROLEARN% ^ | |
--role-session-name assumption-%IAMUSER% ^ | |
--serial-number %MFAARN% --token-code %MFACODE%') DO ( | |
IF /I "%%i" == "AccessKeyId" SET AWS_ACCESS_KEY_ID=%%k | |
REM Note that SecretAccessKey has the | separator inside its token, so the tokens are offset by one | |
IF /I "%%i" == "SecretAccessKey|" SET AWS_SECRET_ACCESS_KEY=%%j | |
IF /I "%%i" == "SessionToken" SET AWS_SESSION_TOKEN=%%k | |
) | |
IF /I %AWS_ACCESS_KEY_ID% == "" ( | |
ECHO "Failure" | |
EXIT 129 | |
) | |
ECHO Done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment