For those using 1password and AWS CLI, here is a cool trick to take advantage of 1pass and use temporary STS credentials instead of hardcoding long lived AWS creds, which are sensitive, on your /.aws/credentials
file.
If MFA is enforced on AWS, this script will be very convenient once only STS credentials are accepted in this case.
- Node.js installed
- AWS CLI installed
- 1password CLI installed
- Run
npm install --global zx
- Paste both files above in your
$HOME/.aws
folder - Run
sudo chmod +x ~/.aws/resolve-credentials.mjs
Every time you need new credentials you just run ~/.aws/resolve-credentials.mjs personal
.
PRO-TIP: Add an alias to ~/.aws/resolve-credentials.mjs
on your ~/.zprofile
file, like this alias c="~/.aws/resolve-credentials.mjs"
usage will then become simpler, like this: c personal
Retrieving 1password secrets by reference: https://developer.1password.com/docs/cli/secret-references/#:~:text=Open%20and%20unlock%20the%201Password,then%20click%20Copy%20Secret%20Reference