Skip to content

Instantly share code, notes, and snippets.

@rdlu
Created June 4, 2019 17:04
Show Gist options
  • Save rdlu/63e8e17d9b50b19c28e646b237c88e42 to your computer and use it in GitHub Desktop.
Save rdlu/63e8e17d9b50b19c28e646b237c88e42 to your computer and use it in GitHub Desktop.
Connecting to Amazon SSM using MFA
#! /bin/bash
ACCOUNT_NUM=<MY_AWS_ACCOUNT_NUM>
ACCOUNT_USER=<MY_AWS_ACCOUNT_USER>
aws configure --profile ask-mfa list > /dev/null
if [ $? -eq 0 ]
then
read -p "Token MFA da conta $ACCOUNT_NUM/$ACCOUNT_USER: " TOKEN
aws sts get-session-token --serial-number arn:aws:iam::$ACCOUNT_NUM:mfa/$ACCOUNT_USER --profile ask-mfa --token-code $TOKEN > ~/.aws/temp_creds.json
aws configure --profile default set aws_access_key_id $(jq -r ".Credentials.AccessKeyId" ~/.aws/temp_creds.json)
aws configure --profile default set aws_secret_access_key $(jq -r ".Credentials.SecretAccessKey" ~/.aws/temp_creds.json)
aws configure --profile default set aws_session_token $(jq -r ".Credentials.SessionToken" ~/.aws/temp_creds.json)
echo "Token gerado com sucesso. Expiração: " $(jq -r ".Credentials.Expiration" ~/.aws/temp_creds.json)
else
# Configuring the proxy profile
echo " -- Type YOUR main ACCESS KEY ID and SECRET, they will be used for asking the temporary token --"
aws configure --profile ask-mfa
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment