Skip to content

Instantly share code, notes, and snippets.

@zugdud zugdud/awsCliMfa.sh
Created Feb 14, 2019

Embed
What would you like to do?
MFA profile config script for aws cli
#!/bin/bash
if [[ $1 -eq 0 ]] ; then
echo 'Error Must provide MFA code as param1'
exit 0
fi
tokenCode=$1
awsAccessKey=""
awsSecretKey=""
mfaSerial=""
mfaTempFile="/tmp/mfaCredentialProfile.txt"
mfaCredentials="/home/ec2-user/.aws/credentials"
sessionJSON="$(aws sts get-session-token --serial-number $mfaSerial --token-code $tokenCode)"
credentialsJSON="$(echo $sessionJSON | jq -r '.Credentials')"
secretAccessKey="$(echo $credentialsJSON | jq -r '.SecretAccessKey')"
sessionToken="$(echo $credentialsJSON | jq -r '.SessionToken')"
accessKeyId="$(echo $credentialsJSON | jq -r '.AccessKeyId')"
expiration="$(echo $credentialsJSON | jq -r '.Expiration')"
echo "[mfa]" > $mfaTempFile
echo "output = json" >> $mfaTempFile
echo "region = us-east-1" >> $mfaTempFile
echo "aws_access_key_id = $accessKeyId" >> $mfaTempFile
echo "aws_secret_access_key = $secretAccessKey" >> $mfaTempFile
echo "aws_session_token = $sessionToken" >> $mfaTempFile
echo "[default]" > $mfaCredentials
echo "aws_access_key_id = $awsAccessKey" >> $mfaCredentials
echo "aws_secret_access_key = $awsSecretKey" >> $mfaCredentials
cat $mfaTempFile >> $mfaCredentials
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.