n0ts/run-aws-assume-role.sh

## run-aws-assume-role.sh
readonly aws_account_id=xxx
readonly aws_asusme_role=xxx
readonly credentials=$(aws sts assume-role \
    --role-arn arn:aws:iam::$aws_account_id:role/$aws_assume_role \
    --role-session-name session-$(basename $0 .sh) \
    --query Credentials)

export AWS_ACCESS_KEY_ID=$(echo $credentials | jq -r '.AccessKeyId')
export AWS_SECRET_ACCESS_KEY=$(echo $credentials | jq -r '.SecretAccessKey')
export AWS_SESSION_TOKEN=$(echo $credentials | jq -r '.SessionToken')

aws s3 ...
aws ec2 ...

#{
#    "Version": "2012-10-17",
#    "Statement": [
#        {
#            "Sid": "AllowSTSResources01",
#            "Effect": "Allow",
#            "Action": "sts:AssumeRole",
#            "Resource": "arn:aws:iam::$aws_account_id:role/xxx"
#        }
#    ]
#}
	readonly aws_account_id=xxx
	readonly aws_asusme_role=xxx
	readonly credentials=$(aws sts assume-role \
	--role-arn arn:aws:iam::$aws_account_id:role/$aws_assume_role \
	--role-session-name session-$(basename $0 .sh) \
	--query Credentials)

	export AWS_ACCESS_KEY_ID=$(echo $credentials \| jq -r '.AccessKeyId')
	export AWS_SECRET_ACCESS_KEY=$(echo $credentials \| jq -r '.SecretAccessKey')
	export AWS_SESSION_TOKEN=$(echo $credentials \| jq -r '.SessionToken')

	aws s3 ...
	aws ec2 ...

	#{
	# "Version": "2012-10-17",
	# "Statement": [
	# {
	# "Sid": "AllowSTSResources01",
	# "Effect": "Allow",
	# "Action": "sts:AssumeRole",
	# "Resource": "arn:aws:iam::$aws_account_id:role/xxx"
	# }
	# ]
	#}