Skip to content

Instantly share code, notes, and snippets.

@russellballestrini
Last active August 2, 2022 14:37
Show Gist options
  • Save russellballestrini/bfae477ef36b36e8803fb4a2d241fc78 to your computer and use it in GitHub Desktop.
Save russellballestrini/bfae477ef36b36e8803fb4a2d241fc78 to your computer and use it in GitHub Desktop.
Configure your shell with temporary AWS environment variables from
#!/usr/bin/env python
"""
How to use:
eval $(eval "aws sts assume-role --role-arn arn:aws:iam::0123456789:role/the-role-name --role-session-name my-aws-prod | ./sts2env")
Then run `env` and you should see the environment vars in your shell.
"""
import sys
import json
sts_data = json.loads(
sys.stdin.read()
)
creds = sts_data["Credentials"]
env_vars_to_export = {
"AWS_ACCESS_KEY_ID": creds["AccessKeyId"],
"AWS_SECRET_ACCESS_KEY": creds["SecretAccessKey"],
"AWS_SESSION_TOKEN": creds["SessionToken"],
"AWS_SESSION_TOKEN_EXPIRATION": creds["Expiration"],
"AWS_SESSION_ASSUMED_ROLE_ARN": sts_data["AssumedRoleUser"]["Arn"],
}
print("""
export AWS_ACCESS_KEY_ID="{AWS_ACCESS_KEY_ID}"
export AWS_SECRET_ACCESS_KEY="{AWS_SECRET_ACCESS_KEY}"
export AWS_SESSION_TOKEN="{AWS_SESSION_TOKEN}"
export AWS_SESSION_TOKEN_EXPIRATION="{AWS_SESSION_TOKEN_EXPIRATION}"
export AWS_SESSION_ASSUMED_ROLE_ARN="{AWS_SESSION_ASSUMED_ROLE_ARN}"
""".format(**env_vars_to_export)
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment