Skip to content

Instantly share code, notes, and snippets.

@rubenhorn
Created July 31, 2022 16:25
Show Gist options
  • Save rubenhorn/257dee8b18649175c71185ca758efc15 to your computer and use it in GitHub Desktop.
Save rubenhorn/257dee8b18649175c71185ca758efc15 to your computer and use it in GitHub Desktop.
A simple shell script to generate AWS CLI credentials using MFA
#! /usr/bin/bash
ACCOUNT=$1
USER=$2
OTP=$3
PROFILE=$4
if [ -n "$PROFILE" ]; then
PROFILE="--profile $PROFILE"
fi
if [ -z "$ACCOUNT" ] || [ -z "$USER" ] || [ -z "$OTP" ]; then
echo "Usage: $0 <account> <user> <otp> [profile]"
exit 1
fi
JSON=$(aws sts get-session-token \
--duration-seconds 129600 \
--serial-number arn:aws:iam::$ACCOUNT:mfa/$USER \
--token-code $OTP \
$PROFILE)
if [ $? -eq 0 ]; then
echo -n "aws_access_key_id = "
echo $JSON | jq -r '.Credentials.AccessKeyId'
echo -n "aws_secret_access_key = "
echo $JSON | jq -r '.Credentials.SecretAccessKey'
echo -n "aws_session_token = "
echo $JSON | jq -r '.Credentials.SessionToken'
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment