Connecting to Amazon SSM using MFA
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| ACCOUNT_NUM=<MY_AWS_ACCOUNT_NUM> | |
| ACCOUNT_USER=<MY_AWS_ACCOUNT_USER> | |
| aws configure --profile ask-mfa list > /dev/null | |
| if [ $? -eq 0 ] | |
| then | |
| read -p "Token MFA da conta $ACCOUNT_NUM/$ACCOUNT_USER: " TOKEN | |
| aws sts get-session-token --serial-number arn:aws:iam::$ACCOUNT_NUM:mfa/$ACCOUNT_USER --profile ask-mfa --token-code $TOKEN > ~/.aws/temp_creds.json | |
| aws configure --profile default set aws_access_key_id $(jq -r ".Credentials.AccessKeyId" ~/.aws/temp_creds.json) | |
| aws configure --profile default set aws_secret_access_key $(jq -r ".Credentials.SecretAccessKey" ~/.aws/temp_creds.json) | |
| aws configure --profile default set aws_session_token $(jq -r ".Credentials.SessionToken" ~/.aws/temp_creds.json) | |
| echo "Token gerado com sucesso. Expiração: " $(jq -r ".Credentials.Expiration" ~/.aws/temp_creds.json) | |
| else | |
| # Configuring the proxy profile | |
| echo " -- Type YOUR main ACCESS KEY ID and SECRET, they will be used for asking the temporary token --" | |
| aws configure --profile ask-mfa | |
| fi | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment