Last active
January 26, 2021 11:29
-
-
Save ddepaoli3/b938425dcdd5fe6bbc928afd01ff7f38 to your computer and use it in GitHub Desktop.
AWS STS export environment variables
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function setup_aws_credentials() { | |
| profile_name=$1 | |
| role_arn=`/usr/bin/grep -A4 "$profile_name\]" ~/.aws/credentials|/usr/bin/grep role_arn|sed 's/^.*arn:/arn:/g'` | |
| if [[ -z "$role_arn" ]] | |
| then | |
| role_arn=`/usr/bin/grep -A4 "$profile_name\]" ~/.aws/config|/usr/bin/grep role_arn|sed 's/^.*arn:/arn:/g'` | |
| fi | |
| local stscredentials | |
| stscredentials=$(aws sts assume-role \ | |
| --profile $profile_name \ | |
| --role-arn "${role_arn}" \ | |
| --role-session-name something \ | |
| --query '[Credentials.SessionToken,Credentials.AccessKeyId,Credentials.SecretAccessKey]' \ | |
| --output text) | |
| AWS_ACCESS_KEY_ID=$(echo "${stscredentials}" | awk '{print $2}') | |
| AWS_SECRET_ACCESS_KEY=$(echo "${stscredentials}" | awk '{print $3}') | |
| AWS_SESSION_TOKEN=$(echo "${stscredentials}" | awk '{print $1}') | |
| AWS_SECURITY_TOKEN=$(echo "${stscredentials}" | awk '{print $1}') | |
| region=$(/usr/bin/grep -A4 "\[$profile_name\]" ~/.aws/credentials|/usr/bin/grep region|sed s/'.*=[ ]'//g) | |
| if [ $region ] | |
| then | |
| AWS_DEFAULT_REGION=$region | |
| export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SECURITY_TOKEN AWS_DEFAULT_REGION | |
| else | |
| export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SECURITY_TOKEN | |
| fi | |
| echo "Default AWS region set to '$region'" | |
| echo "AWS env variables set:" | |
| printenv | /usr/bin/grep AWS | sed 's;=.*;;' | sort | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment