In order to create short lived credentials to use interact with AWS APIs using aws-vault, since most of IDEs like vscode, intellj still doesn't support the integration, you can add this bash function into ~/.bashrc.
function aws_vault_save(){
local profile_name="$1"
local region="${2:-eu-west-1}"
local temp_profile="${profile_name}_tmp"
creds=$(aws-vault exec -j "${profile_name}")
aws --profile "${temp_profile}" configure set region "${region}"
aws --profile "${temp_profile}" configure set output "json"
aws --profile "${temp_profile}" configure set aws_access_key_id "$(echo $creds | jq -r .AccessKeyId)"
aws --profile "${temp_profile}" configure set aws_secret_access_key "$(echo $creds | jq -r .SecretAccessKey)"
aws --profile "${temp_profile}" configure set aws_session_token "$(echo $creds | jq -r .SessionToken)"
echo "Profile ${temp_profile} added, Will exprie on $(echo $creds | jq -r .Expiration) UTC"
}
aws_vault_save dev
aws s3 ls --profile dev_tmp
or this variant that sets the profile too
function aws_vault_save(){
local profile_name="$1"
local region="${2:-eu-west-1}"
local _profile="default"
unset AWS_PROFILE
creds=$(aws-vault exec -j "${profile_name}")
aws --profile "${_profile}" configure set aws_access_key_id "$(echo ${creds} | jq -r .AccessKeyId)"
aws --profile "${_profile}" configure set aws_secret_access_key "$(echo ${creds} | jq -r .SecretAccessKey)"
aws --profile "${_profile}" configure set aws_session_token "$(echo ${creds} | jq -r .SessionToken)"
aws --profile "${_profile}" configure set region "${region}"
aws --profile "${_profile}" configure set output "json"
# export AWS_PROFILE=${_profile}
unset AWS_PROFILE
export AWS_REGION=${region}
echo "Profile ${_profile} added, Will exprie on $(echo $creds | jq -r .Expiration) UTC"
}