elisherer · May 12, 2022 13:05
diff --git a/aws-sso-login.sh b/aws-sso-login.sh
 #! /bin/bash
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 NC='\033[0m' # No Color

 installer=`which brew || which yum || which apt-get`
 which jq >/dev/null || $installer install jq

 if [ $? -ne 0 ]; then
    echo -e ${RED} unable to install jq, please run $installer install jq $NC
    exit 770
 fi

 echo -e ${GREEN} Login to AWS SSO $NC

 aws sso login

 ssoCacheFile=$(ls -q ~/.aws/sso/cache/`ls ~/.aws/sso/cache/ | grep -v client | grep -o "[a-z0-9]*.json"` 2>/dev/null)

 if [ -z "$ssoCacheFile" ]; then 
    echo -e ${RED} unable to find sso cache file, please run 'aws configure sso --profile default'
    exit 1967
 fi

 region=`jq .region -Mr $ssoCacheFile`
 accessToken=`jq .accessToken -Mr $ssoCacheFile`

 if [ -z "$accessToken" ]; then 
    echo -e ${RED} unable to find sso access token, please run 'aws configure sso --profile default'
    exit 1948
 fi

 echo -e ${GREEN} Getting accounts from AWS $NC

 accountList=$(aws sso list-accounts --access-token=$accessToken --region=$region)
 accountId=`echo $accountList | jq -Mr .accountList[0].accountId`
 echo -e ${GREEN} Getting your role from AWS $NC
 roles=$(aws sso list-account-roles --access-token=$accessToken --region=$region --account-id=$accountId)
 role=`echo $roles | jq -Mr .roleList[0].roleName`
 echo -e ${GREEN} Getting your credentials from AWS $NC
 credentials=$(aws sso get-role-credentials --role-name=$role --account-id=$accountId --access-token=$accessToken --region=$region)

 AWS_ACCESS_KEY_ID=`echo $credentials | jq -Mr .roleCredentials.accessKeyId`
 AWS_SECRET_ACCESS_KEY=`echo $credentials | jq -Mr .roleCredentials.secretAccessKey`
 AWS_SESSION_TOKEN=`echo $credentials | jq -Mr .roleCredentials.sessionToken`

 echo [default] > ~/.aws/credentials.test
 echo aws_access_key_id=$AWS_ACCESS_KEY_ID >> ~/.aws/credentials.test
 echo aws_secret_access_key=$AWS_SECRET_ACCESS_KEY >> ~/.aws/credentials.test
 echo aws_session_token=$AWS_SESSION_TOKEN >> ~/.aws/credentials.test

 mv ~/.aws/credentials.test ~/.aws/credentials
 echo -e ${GREEN} New credentials file is now in ~/.aws/credentials $NC
	#! /bin/bash
	RED='\033[0;31m'
	GREEN='\033[0;32m'
	NC='\033[0m' # No Color

	installer=`which brew \|\| which yum \|\| which apt-get`
	which jq >/dev/null \|\| $installer install jq

	if [ $? -ne 0 ]; then
	echo -e ${RED} unable to install jq, please run $installer install jq $NC
	exit 770
	fi

	echo -e ${GREEN} Login to AWS SSO $NC

	aws sso login

	ssoCacheFile=$(ls -q ~/.aws/sso/cache/`ls ~/.aws/sso/cache/ \| grep -v client \| grep -o "[a-z0-9]*.json"` 2>/dev/null)

	if [ -z "$ssoCacheFile" ]; then
	echo -e ${RED} unable to find sso cache file, please run 'aws configure sso --profile default'
	exit 1967
	fi

	region=`jq .region -Mr $ssoCacheFile`
	accessToken=`jq .accessToken -Mr $ssoCacheFile`

	if [ -z "$accessToken" ]; then
	echo -e ${RED} unable to find sso access token, please run 'aws configure sso --profile default'
	exit 1948
	fi

	echo -e ${GREEN} Getting accounts from AWS $NC

	accountList=$(aws sso list-accounts --access-token=$accessToken --region=$region)
	accountId=`echo $accountList \| jq -Mr .accountList[0].accountId`
	echo -e ${GREEN} Getting your role from AWS $NC
	roles=$(aws sso list-account-roles --access-token=$accessToken --region=$region --account-id=$accountId)
	role=`echo $roles \| jq -Mr .roleList[0].roleName`
	echo -e ${GREEN} Getting your credentials from AWS $NC
	credentials=$(aws sso get-role-credentials --role-name=$role --account-id=$accountId --access-token=$accessToken --region=$region)

	AWS_ACCESS_KEY_ID=`echo $credentials \| jq -Mr .roleCredentials.accessKeyId`
	AWS_SECRET_ACCESS_KEY=`echo $credentials \| jq -Mr .roleCredentials.secretAccessKey`
	AWS_SESSION_TOKEN=`echo $credentials \| jq -Mr .roleCredentials.sessionToken`

	echo [default] > ~/.aws/credentials.test
	echo aws_access_key_id=$AWS_ACCESS_KEY_ID >> ~/.aws/credentials.test
	echo aws_secret_access_key=$AWS_SECRET_ACCESS_KEY >> ~/.aws/credentials.test
	echo aws_session_token=$AWS_SESSION_TOKEN >> ~/.aws/credentials.test

	mv ~/.aws/credentials.test ~/.aws/credentials
	echo -e ${GREEN} New credentials file is now in ~/.aws/credentials $NC