Created
March 4, 2025 14:32
-
-
Save joshfinley/e01b79d1a820eb7be96d962a8f3fec22 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| import json | |
| import os | |
| def lambda_handler(event, context): | |
| """ | |
| Lambda function to print AWS credentials in credentials file format | |
| Uses the IAM role name as the profile name | |
| SECURITY WARNING: | |
| - DO NOT use this in production | |
| - Logging full credentials is a severe security risk | |
| - This should only be used for temporary debugging | |
| """ | |
| # Get the current session | |
| session = boto3.Session() | |
| # Get credentials from the session | |
| credentials = session.get_credentials() | |
| # Get the IAM role name from the Lambda function's execution role | |
| try: | |
| # Retrieve the role name from the Lambda function's role ARN | |
| role_arn = os.environ.get('AWS_ROLE_ARN', '') | |
| role_name = role_arn.split('/')[-1] if role_arn else 'default' | |
| except Exception as e: | |
| role_name = 'default' | |
| # Prepare credentials in .aws/credentials file format | |
| cred_file_format = f"""[{role_name}] | |
| aws_access_key_id = {credentials.access_key} | |
| aws_secret_access_key = {credentials.secret_key} | |
| aws_session_token = {credentials.token or ''} | |
| region = {session.region_name} | |
| """ | |
| # Print credentials in .aws/credentials format | |
| print("AWS Credentials File Format:") | |
| print(cred_file_format) | |
| # Return the credentials info | |
| return { | |
| 'statusCode': 200, | |
| 'body': json.dumps({ | |
| 'profile_name': role_name, | |
| 'credentials_format': cred_file_format | |
| }) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment