Created
August 17, 2021 16:19
Generate AWS docker login when MFA is enabled. Execute `sh generate-aws-docker-login.sh <mfa_code>` in the terminal.
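# MFA code (the current token shown by your MFA device), taken from the first
# command-line argument. Empty when the script is started without one.
aws_mfa_code=${1:-}

# The MFA device ARN has the form arn:aws:iam::123456789012:mfa/user.
# Replace the three placeholder values below before running:
#   username         - the name after "mfa/" in the ARN,   e.g. user
#   serial_number    - the 12-digit account id in the ARN, e.g. 123456789012
#   aws_registry_url - your ECR registry,
#                      e.g. https://xxxxxxxxxxxx.dkr.ecr.us-east-1.amazonaws.com
# The placeholders are quoted on purpose: an unquoted <...> is parsed by the
# shell as input/output redirections, not as a value, and the script would not
# even start. Keep the quotes when filling in the real values.
username='<your_username>'
serial_number='<your_serial_number>'
aws_registry_url='<your_aws_registry_url>'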
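# Creates a temporary MFA-backed AWS session and logs Docker in to the ECR
# registry with it.
# Globals:
#   aws_mfa_code, serial_number, username, aws_registry_url (read)
#   AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN (replaced and
#   exported; when the script is started with `sh`, this affects only the
#   script's own process and its children, not the calling shell)
# Outputs:
#   Progress banners on stdout, errors on stderr. Neither the session
#   credentials nor the registry password are printed.
# Exits:
#   1 on any failure.
generate_docker_login() {
  # An AWS MFA token code is exactly six digits. Reject anything else before
  # it is placed on the AWS CLI command line.
  case "$aws_mfa_code" in
    [0-9][0-9][0-9][0-9][0-9][0-9]) ;;
    *)
      echo "Usage: sh generate-aws-docker-login.sh <mfa_code> (6 digits)" >&2
      exit 1
      ;;
  esac

  echo "==================================Generating AWS Session=================================="
  # --output json: the response is parsed with jq below, so do not depend on
  # the output format configured in the user's AWS CLI profile.
  # The exit status is checked as well as the output, so a failed call is not
  # mistaken for a session.
  if ! aws_response=$(aws sts get-session-token \
      --serial-number "arn:aws:iam::${serial_number}:mfa/${username}" \
      --token-code "$aws_mfa_code" \
      --output json) || [ -z "$aws_response" ]; then
    echo "Failed to create AWS session." >&2
    exit 1
  fi
  echo "Created AWS session."

  # printf instead of echo: some sh implementations expand backslash escapes
  # in echo arguments, which would corrupt the JSON before jq sees it.
  access_key_id=$(printf '%s' "$aws_response" | jq -r '.Credentials.AccessKeyId')
  secret_access_key=$(printf '%s' "$aws_response" | jq -r '.Credentials.SecretAccessKey')
  session_token=$(printf '%s' "$aws_response" | jq -r '.Credentials.SessionToken')

  # jq -r prints the literal string "null" for a missing field; treat that and
  # an empty value as a failed session instead of exporting it.
  for credential_part in "$access_key_id" "$secret_access_key" "$session_token"; do
    case "$credential_part" in
      '' | null)
        echo "AWS session response did not contain usable credentials." >&2
        exit 1
        ;;
    esac
  done

  printf '\n%s\n' "============================Unsetting AWS Environment Variables==========================="
  unset AWS_ACCESS_KEY_ID
  unset AWS_SESSION_TOKEN
  unset AWS_SECRET_ACCESS_KEY
  echo "Completed unsetting the AWS environment variables."

  printf '\n%s\n' "=============================Setting AWS Environment Variables============================"
  export AWS_ACCESS_KEY_ID="$access_key_id"
  export AWS_SECRET_ACCESS_KEY="$secret_access_key"
  export AWS_SESSION_TOKEN="$session_token"
  echo "Completed setting AWS environment variables."

  printf '\n%s\n' "==================================Generating Docker Login================================="
  # The region is fixed to us-east-1 and has to match the region that appears
  # in aws_registry_url.
  if ! ecr_password=$(aws ecr get-login-password --region us-east-1) \
      || [ -z "$ecr_password" ]; then
    echo "Failed to obtain ECR login password." >&2
    exit 1
  fi

  # Log in directly and pass the password on stdin. Printing a
  # `docker login -p <password>` line would leave the registry password in the
  # terminal scrollback, in shell history once pasted, and in the process
  # argument list while docker runs.
  if ! printf '%s' "$ecr_password" \
      | docker login --username AWS --password-stdin "$aws_registry_url"; then
    unset ecr_password
    echo "Docker login failed." >&2
    exit 1
  fi
  unset ecr_password
}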
# Entry point: run the login flow with the MFA code and the settings defined
# at the top of this file.
generate_docker_login