Created
July 12, 2022 13:48
-
-
Save mtp1376/98ca38d3441e28fd6610035958ae841b to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Replace "ARN_FOR_MFA_HERE" with your MFA device ARN | |
| # Put the keys you get from AWS IAM console in the "iam-user" profile | |
| # Run the script: "bash new-aws-session-token.sh 123456" (replace 123456 with the code you get from the Authenticator app) | |
| set -e | |
| aws sts get-session-token --serial-number ARN_FOR_MFA_HERE --token-code $1 --profile iam-user > /tmp/aws.json | |
| ACCESS_KEY_ID=`jq -r '.Credentials.AccessKeyId' /tmp/aws.json` | |
| SECRET_ACCESS_KEY=`jq -r '.Credentials.SecretAccessKey' /tmp/aws.json` | |
| SESSION_TOKEN=`jq -r '.Credentials.SessionToken' /tmp/aws.json` | |
| aws configure set --profile default aws_access_key_id "$ACCESS_KEY_ID" | |
| aws configure set --profile default aws_secret_access_key "$SECRET_ACCESS_KEY" | |
| aws configure set --profile default aws_session_token "$SESSION_TOKEN" | |
| rm /tmp/aws.json |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Using an MFA for AWS can be a pain when using the CLI. This script will use the code you get from the Authenticator app to get a fresh set of AWS keys and will update your
defaultprofile with those values.