Instantly share code, notes, and snippets.

Embed
What would you like to do?
A bash function to get Vault (Hashicorp) credentials using AWS backend and set them in environment variables for use by the AWS cli.
#!/bin/bash
function vault-aws () {
VAULT_PATH=$1
if [ -z "$VAULT_PATH" ]; then
echo "Missing VAULT_PATH argument.\nExample: `vault-aws documents-store`"
exit 1
fi
if [ -z "$VAULT_ADDR" ]; then
echo "Missing VAULT_ADDR env variable"
exit 1
fi
CREDS=$(vault read aws/creds/$VAULT_PATH)
export AWS_ACCESS_KEY_ID=$(echo $CREDS | grep -o 'access_key [^ ]*' | awk '{print $2}')
export AWS_SECRET_ACCESS_KEY=$(echo $CREDS | grep -o 'secret_key [^ ]*' | awk '{print $2}')
DURATION=$(echo $CREDS | grep -o 'lease_duration [^ ]*' | awk '{print $2}')
echo Credentials good for $DURATION seconds.
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment