wojtek-oledzki/Makefile-ansible-aws

## Makefile-ansible-aws
SOURCE_PROFILE ?= default
PROFILE ?= my-profile-with-role
ASSUME_ROLE ?= arn:aws:iam::123498765678:role/my_admin_role

## Assumes role and udpates ~/.aws/credentials
# Example: make assume_role
assume_role:
	@aws sts assume-role \
		--profile $(SOURCE_PROFILE) \
		--output text \
		--role-arn $(ASSUME_ROLE) \
		--role-session-name $(PROFILE)-assumed \
	| tail -1 \
	| awk 'BEGIN{ cmd="aws --profile=$(PROFILE) configure set " } { \
		print cmd "aws_access_key_id " $$2 "\n" \
			cmd "aws_secret_access_key " $$4 "\n" \
			cmd "aws_session_token " $$5 }' \
	| xargs -0 /bin/bash -c
	@sed -ibak -n '/aws_security_token/!p' ~/.aws/credentials
	@awk '{ if ("aws_session_token"==$$1) print $$0 "\naws_security_token = " $$3; else print $$0; }' ~/.aws/credentials > ~/.aws/credentials.tmp
	@mv ~/.aws/credentials.tmp ~/.aws/credentials
	SOURCE_PROFILE ?= default
	PROFILE ?= my-profile-with-role
	ASSUME_ROLE ?= arn:aws:iam::123498765678:role/my_admin_role

	## Assumes role and udpates ~/.aws/credentials
	# Example: make assume_role
	assume_role:
	@aws sts assume-role \
	--profile $(SOURCE_PROFILE) \
	--output text \
	--role-arn $(ASSUME_ROLE) \
	--role-session-name $(PROFILE)-assumed \
	\| tail -1 \
	\| awk 'BEGIN{ cmd="aws --profile=$(PROFILE) configure set " } { \
	print cmd "aws_access_key_id " $$2 "\n" \
	cmd "aws_secret_access_key " $$4 "\n" \
	cmd "aws_session_token " $$5 }' \
	\| xargs -0 /bin/bash -c
	@sed -ibak -n '/aws_security_token/!p' ~/.aws/credentials
	@awk '{ if ("aws_session_token"==$$1) print $$0 "\naws_security_token = " $$3; else print $$0; }' ~/.aws/credentials > ~/.aws/credentials.tmp
	@mv ~/.aws/credentials.tmp ~/.aws/credentials