aztecrex · February 26, 2023 18:23
diff --git a/aws-session-functions.sh b/aws-session-functions.sh
 # source this for some sweet sweet aws session helpers

 # invoke STS to get session creds and put them in vars where they can
 # be passed into something such as a docker container. This places creds
 # in the vars expected by the CLI so they will mask any set by aws configure
 #
 # aws-session
 # docker run -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN ...
 aws-session() {
  eval "$(aws sts get-session-token \
    --query \
       'Credentials | 
          join (`\n`,
           values({
             AccessKeyId: join(``, [`export AWS_ACCESS_KEY_ID=`,AccessKeyId]),
             SecretAccessKey:join(``, [`export AWS_SECRET_ACCESS_KEY=`,SecretAccessKey]),
             SessionToken:join(``, [`export AWS_SESSION_TOKEN=`,SessionToken])
           }))' \
    --output text)"
 }


 # invoke STS to get session creds and puts them in temp vars where they can
 # be passed into something such as a docker container. This version creates vars that
 # are not picked up by the aws CLI.
 #
 # aws-session-t
 # docker run -e AWS_ACCESS_KEY_ID=$T_AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$T_AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN=$T_AWS_SESSION_TOKEN ...
 aws-session-t() {
  eval "$(aws sts get-session-token \
    --query \
       'Credentials | 
          join (`\n`,
           values({
             AccessKeyId: join(``, [`export T_AWS_ACCESS_KEY_ID=`,AccessKeyId]),
             SecretAccessKey:join(``, [`export T_AWS_SECRET_ACCESS_KEY=`,SecretAccessKey]),
             SessionToken:join(``, [`export T_AWS_SESSION_TOKEN=`,SessionToken])
           }))' \
    --output text)"
 }

 # unset aws session vars of both actual and temp type
 aws-clear-session() {
  unset AWS_ACCESS_KEY_ID
  unset AWS_SECRET_ACCESS_KEY
  unset AWS_SESSION_TOKEN
  unset T_AWS_ACCESS_KEY_ID
  unset T_AWS_SECRET_ACCESS_KEY
  unset T_AWS_SESSION_TOKEN
 }
	# source this for some sweet sweet aws session helpers

	# invoke STS to get session creds and put them in vars where they can
	# be passed into something such as a docker container. This places creds
	# in the vars expected by the CLI so they will mask any set by aws configure
	#
	# aws-session
	# docker run -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN ...
	aws-session() {
	eval "$(aws sts get-session-token \
	--query \
	'Credentials \|
	join (`\n`,
	values({
	AccessKeyId: join(``, [`export AWS_ACCESS_KEY_ID=`,AccessKeyId]),
	SecretAccessKey:join(``, [`export AWS_SECRET_ACCESS_KEY=`,SecretAccessKey]),
	SessionToken:join(``, [`export AWS_SESSION_TOKEN=`,SessionToken])
	}))' \
	--output text)"
	}


	# invoke STS to get session creds and puts them in temp vars where they can
	# be passed into something such as a docker container. This version creates vars that
	# are not picked up by the aws CLI.
	#
	# aws-session-t
	# docker run -e AWS_ACCESS_KEY_ID=$T_AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$T_AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN=$T_AWS_SESSION_TOKEN ...
	aws-session-t() {
	eval "$(aws sts get-session-token \
	--query \
	'Credentials \|
	join (`\n`,
	values({
	AccessKeyId: join(``, [`export T_AWS_ACCESS_KEY_ID=`,AccessKeyId]),
	SecretAccessKey:join(``, [`export T_AWS_SECRET_ACCESS_KEY=`,SecretAccessKey]),
	SessionToken:join(``, [`export T_AWS_SESSION_TOKEN=`,SessionToken])
	}))' \
	--output text)"
	}

	# unset aws session vars of both actual and temp type
	aws-clear-session() {
	unset AWS_ACCESS_KEY_ID
	unset AWS_SECRET_ACCESS_KEY
	unset AWS_SESSION_TOKEN
	unset T_AWS_ACCESS_KEY_ID
	unset T_AWS_SECRET_ACCESS_KEY
	unset T_AWS_SESSION_TOKEN
	}