Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Configure your shell with temporary AWS environment variables from
#!/usr/bin/env python
"""
How to use:
eval $(eval "aws sts assume-role --role-arn arn:aws:iam::0123456789:role/the-role-name --role-session-name my-aws-prod | ./sts2env")
Then run `env` and you should see the environment vars in your shell.
"""
import sys
import json
sts_data = json.loads(
sys.stdin.read()
)
creds = sts_data["Credentials"]
env_vars_to_export = {
"AWS_ACCESS_KEY_ID": creds["AccessKeyId"],
"AWS_SECRET_ACCESS_KEY": creds["SecretAccessKey"],
"AWS_SESSION_TOKEN": creds["SessionToken"],
"AWS_SESSION_TOKEN_EXPIRATION": creds["Expiration"],
"AWS_SESSION_ASSUMED_ROLE_ARN": sts_data["AssumedRoleUser"]["Arn"],
}
print("""
export AWS_ACCESS_KEY_ID="{AWS_ACCESS_KEY_ID}"
export AWS_SECRET_ACCESS_KEY="{AWS_SECRET_ACCESS_KEY}"
export AWS_SESSION_TOKEN="{AWS_SESSION_TOKEN}"
export AWS_SESSION_TOKEN_EXPIRATION="{AWS_SESSION_TOKEN_EXPIRATION}"
export AWS_SESSION_ASSUMED_ROLE_ARN="{AWS_SESSION_ASSUMED_ROLE_ARN}"
""".format(**env_vars_to_export)
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment