Last active
January 11, 2022 16:30
-
-
Save parsley42/404adb4f2eec8b23655c5524b0cabab4 to your computer and use it in GitHub Desktop.
AWS SSO Session Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash -e | |
# aws-sso-session | |
# Sets up aws configuration from temporary credentials provided by SSO. | |
usage(){ | |
cat >&2 <<EOF | |
Usage: | |
# These values should be pasted in from AWS SSO web app. | |
$ AWS_ACCESS_KEY_ID=<redacted> | |
$ AWS_SECRET_ACCESS_KEY=<redacted> | |
$ AWS_SESSION_TOKEN=<redacted> | |
$ eval \`aws-sso-session [-r <region>] [-p <profile>]\` | |
EOF | |
exit 1 | |
} | |
PROFILE="default" | |
while getopts ":ir:p:" OPT; do | |
case $OPT in | |
r ) | |
SET_REGION=$OPTARG | |
;; | |
p ) | |
PROFILE=$OPTARG | |
;; | |
\? | h) | |
[ "$OPT" != "h" ] && echo "Invalid option: $OPTARG" >&2 | |
usage | |
exit 1 | |
;; | |
esac | |
done | |
shift $((OPTIND -1)) | |
if [ ! "$AWS_ACCESS_KEY_ID" ] | |
then | |
echo "ERROR: You need to manually set AWS_* vars for import" >&2 | |
usage | |
fi | |
echo "Updating $PROFILE AWS credentials..." >&2 | |
aws --profile $PROFILE configure set aws_access_key_id $AWS_ACCESS_KEY_ID | |
aws --profile $PROFILE configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY | |
aws --profile $PROFILE configure set aws_session_token $AWS_SESSION_TOKEN | |
if [ "$SET_REGION" ] | |
then | |
aws --profile $PROFILE configure set region $SET_REGION | |
fi | |
echo unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN | |
echo "AWS session credentials updated." >&2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment