awsenv

#!/bin/bash

profile=$1
profile_dir=$HOME/.aws/profiles
mfa_token=$2

if [[ -z "${profile}" || -z "${mfa_token}" ]]
then
	echo "usage: awsenv  <profile> <mfa_code>"
elif [[ ! -f "${profile_dir}/${profile}" ]]
then
	echo "AWS Profile [${profile}] not found in [${profile_dir}]"
else
    unset AWS_ACCESS_KEY_ID
    unset AWS_SECRET_ACCESS_KEY
    unset AWS_DEFAULT_REGION
    unset AWS_ARN_MFA
    unset AWS_SESSION_TOKEN
    source $profile_dir/$profile
    if [[ "${mfa_token}" ]] 
    then
        if [[ -z "AWS_ARN_MFA" ]]
        then
            echo "need to set AWS_ARN_MFA environment variable with ARN of mfa device in AWS"
            echo "unable to continue"
        else
            token_data=$(aws sts get-session-token --serial-number $AWS_ARN_MFA --token-code $mfa_token)
            if [[ $? == 0 ]] 
            then
                awskey=$(echo  $token_data | jq '.Credentials.AccessKeyId' | sed -E 's/^\"(.*)\"$/\1/g')
                awssecret=$(echo  $token_data | jq '.Credentials.SecretAccessKey' | sed -E 's/^\"(.*)\"$/\1/g')
                awssession=$(echo  $token_data | jq '.Credentials.SessionToken' | sed -E 's/^\"(.*)\"$/\1/g')

                export AWS_ACCESS_KEY_ID=${awskey}
                export AWS_SECRET_ACCESS_KEY=${awssecret}
                export AWS_SESSION_TOKEN=${awssession}
            fi
        fi
    fi
fi