Last active
July 17, 2025 18:02
-
-
Save Sancus/1dcaabf2d736dbd0f3bc09660800d33f to your computer and use it in GitHub Desktop.
AWS Boto/CLI MFA Authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-1#/security_credentials | |
| # Get your MFA ARN from the URL above. | |
| MFA_ARN="arn:aws:iam::<yoursgoeshere>" | |
| DURATION=129600 # 36 hours | |
| # Prompt for MFA code | |
| read -p "Enter MFA code: " MFA_CODE | |
| # Get temp credentials | |
| CREDS=$(aws sts get-session-token \ | |
| --serial-number "$MFA_ARN" \ | |
| --token-code "$MFA_CODE" \ | |
| --duration-seconds "$DURATION" \ | |
| --output json) | |
| # Export values into environment | |
| export AWS_ACCESS_KEY_ID=$(echo "$CREDS" | jq -r '.Credentials.AccessKeyId') | |
| export AWS_SECRET_ACCESS_KEY=$(echo "$CREDS" | jq -r '.Credentials.SecretAccessKey') | |
| export AWS_SESSION_TOKEN=$(echo "$CREDS" | jq -r '.Credentials.SessionToken') | |
| echo "AWS credentials loaded to environment." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment