Bash scripts for MFA sign in to AWS in the console

assume-role.sh

AWS_ACCOUNT_ID= # aws account
AWS_USER_PROFILE= # profile in aws/credentials to your access key
AWS_REGION= # default region
AWS_IAM_NAME= # your iam name in the aws account
ARN_OF_ROLE= # the role you want to assume

ARN_OF_MFA=arn:aws:iam::$AWS_ACCOUNT_ID:mfa/$AWS_IAM_NAME
MFA_TOKEN_CODE=$1

read AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN <<< \
$( aws --profile $AWS_USER_PROFILE sts assume-role \
  --role-arn $ARN_OF_ROLE \
  --serial-number $ARN_OF_MFA \
  --token-code $MFA_TOKEN_CODE \
  --role-session-name cli-$AWS_IAM_NAME \
  --output text | tail -n1 | awk '{ print $2, $4, $5 }')

export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
export AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN

echo "export AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID
echo "export AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY
echo "export AWS_SESSION_TOKEN="$AWS_SESSION_TOKEN

login.sh

AWS_ACCOUNT_ID= # aws account
AWS_USER_PROFILE= # profile in aws/credentials to your access key
AWS_REGION= # default region
AWS_IAM_NAME= # your iam name in the aws account

ARN_OF_MFA=arn:aws:iam::$AWS_ACCOUNT_ID:mfa/$AWS_IAM_NAME
MFA_TOKEN_CODE=$1
DURATION=129600

read AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN <<< \
$( aws --profile $AWS_USER_PROFILE sts get-session-token \
  --duration $DURATION  \
  --serial-number $ARN_OF_MFA \
  --token-code $MFA_TOKEN_CODE \
  --output text  | awk '{ print $2, $4, $5 }')

export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
export AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN

echo "AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID
echo "AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY
echo "AWS_SESSION_TOKEN="$AWS_SESSION_TOKEN