Last active
July 11, 2021 16:57
-
-
Save amcginlay/9136b76b9f8f62a8762c1a9f34a22067 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To switch role from the command line: | |
| role_name_to_assume="Role-EC2-EKSClusterAdmin" | |
| account_id=$(aws sts get-caller-identity --query Account --output text) | |
| session_name=$(aws sts get-caller-identity --query Arn --output text | rev | cut -d/ -f1 | rev) | |
| role_arn="arn:aws:iam::${account_id}:role/${role_name_to_assume}" | |
| temp_creds=($(aws sts assume-role --role-arn ${role_arn} --role-session-name ${session_name} --duration-seconds 3600 --output text | grep "^CREDENTIALS")) | |
| unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN | |
| export AWS_ACCESS_KEY_ID=${temp_creds[1]} AWS_SECRET_ACCESS_KEY=${temp_creds[3]} AWS_SESSION_TOKEN=${temp_creds[4]} | |
| aws sts get-caller-identity | |
| # To switch role from the console, execute the following command then navigate your browser to the URL produced and click "Switch Role": | |
| echo "https://signin.aws.amazon.com/switchrole?account=${account_id}&roleName=${role_name_to_assume}&displayName=EKSClusterAdmin" | |
| # TODO switchrole supports "&redirect_uri=https%3A%2F%2Fus-west-2.console.aws.amazon.com%2Fcloud9%2Fhome%2Faccount%3Fregion%3Dus-west-2%23" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment