masami256 · June 5, 2018 06:15
diff --git a/setup_aws_mfa.sh b/setup_aws_mfa.sh
 #!/bin/bash

 # Before run this script, get authengication token via google authenticator app or other tool
 if [ $# != 1 ]; then
    echo "usage: $0 [token]"
    exit 1
 fi

 tokencode=$1

 which jq >/dev/null 2>&1
 if [ $? != 0 ]; then
    echo "jq command is required"
    exit 1
 fi

 if [ "${MFA_AWS_DEVICE_ARN}" = "" ]; then
    echo "please set MFA device's arn to MFA_AWS_DEVICE_ARN"
    exit 1
 fi

 tmpfile=$(mktemp)
 aws sts get-session-token --serial-number "${MFA_AWS_DEVICE_ARN}" --token-code "${tokencode}" > ${tmpfile}

 if [ $? = 0 ]; then
    echo "Please run following command."
    echo "export AWS_ACCESS_KEY_ID=$(jq '.Credentials.AccessKeyId'  ${tmpfile})"
    echo "export AWS_SECRET_ACCESS_KEY=$(jq '.Credentials.SecretAccessKey'  ${tmpfile})"
    echo "export AWS_SESSION_TOKEN=$(jq '.Credentials.SessionToken'  ${tmpfile})"
 else
    echo "failed to get session"
 fi

 rm -f ${tmpfile}
	#!/bin/bash

	# Before run this script, get authengication token via google authenticator app or other tool
	if [ $# != 1 ]; then
	echo "usage: $0 [token]"
	exit 1
	fi

	tokencode=$1

	which jq >/dev/null 2>&1
	if [ $? != 0 ]; then
	echo "jq command is required"
	exit 1
	fi

	if [ "${MFA_AWS_DEVICE_ARN}" = "" ]; then
	echo "please set MFA device's arn to MFA_AWS_DEVICE_ARN"
	exit 1
	fi

	tmpfile=$(mktemp)
	aws sts get-session-token --serial-number "${MFA_AWS_DEVICE_ARN}" --token-code "${tokencode}" > ${tmpfile}

	if [ $? = 0 ]; then
	echo "Please run following command."
	echo "export AWS_ACCESS_KEY_ID=$(jq '.Credentials.AccessKeyId' ${tmpfile})"
	echo "export AWS_SECRET_ACCESS_KEY=$(jq '.Credentials.SecretAccessKey' ${tmpfile})"
	echo "export AWS_SESSION_TOKEN=$(jq '.Credentials.SessionToken' ${tmpfile})"
	else
	echo "failed to get session"
	fi

	rm -f ${tmpfile}