Skip to content

Instantly share code, notes, and snippets.

@n0ts
Last active June 23, 2024 21:32
Show Gist options
  • Save n0ts/a615909daaca28335e118cf19dc8a270 to your computer and use it in GitHub Desktop.
Save n0ts/a615909daaca28335e118cf19dc8a270 to your computer and use it in GitHub Desktop.
aws-cli-assume-role-example
readonly aws_account_id=xxx
readonly aws_asusme_role=xxx
readonly credentials=$(aws sts assume-role \
--role-arn arn:aws:iam::$aws_account_id:role/$aws_assume_role \
--role-session-name session-$(basename $0 .sh) \
--query Credentials)
export AWS_ACCESS_KEY_ID=$(echo $credentials | jq -r '.AccessKeyId')
export AWS_SECRET_ACCESS_KEY=$(echo $credentials | jq -r '.SecretAccessKey')
export AWS_SESSION_TOKEN=$(echo $credentials | jq -r '.SessionToken')
aws s3 ...
aws ec2 ...
#{
# "Version": "2012-10-17",
# "Statement": [
# {
# "Sid": "AllowSTSResources01",
# "Effect": "Allow",
# "Action": "sts:AssumeRole",
# "Resource": "arn:aws:iam::$aws_account_id:role/xxx"
# }
# ]
#}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment