Last active
December 4, 2019 19:02
-
-
Save elordahl/3f074a5a16f04cdc4c5d0c41df2deb11 to your computer and use it in GitHub Desktop.
Simple script that will use your MFA token to set AWS credentials
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -e | |
| # $1 = token from your authenticator | |
| # | |
| # usage: | |
| # ./get-session-token.sh 123456 | |
| # | |
| # the profile name with your credentials | |
| PROFILE="" | |
| # your MFA ARN from AWS | |
| MFA_ARN="" | |
| # token expiration (seconds) | |
| DURATION_SEC="129600" | |
| # file to append session token creds | |
| CRED_FILE=~/.aws/credentials | |
| # set colors for output | |
| NO_COLOR='\033[0m' | |
| PRE_COLOR='\033[1;35m' | |
| JSON=$(aws --profile $PROFILE sts get-session-token --duration-seconds $DURATION_SEC --serial-number $MFA_ARN --token-code $1) | |
| AKID=$(echo $JSON | jq -r .Credentials.AccessKeyId) | |
| ST=$(echo $JSON | jq -r .Credentials.SessionToken) | |
| SAK=$(echo $JSON | jq -r .Credentials.SecretAccessKey) | |
| cat >> $CRED_FILE <<EOF | |
| ## auto added `date` | |
| [default] | |
| aws_access_key_id = $AKID | |
| aws_secret_access_key = $SAK | |
| aws_session_token = $ST | |
| EOF | |
| if [ -n "$EDITOR" ]; then | |
| $EDITOR $CRED_FILE | |
| else | |
| printf "Open $PRE_COLOR$CRED_FILE$NO_COLOR to see what was added\n" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment