Skip to content

Instantly share code, notes, and snippets.

@lrvick

lrvick/aws-assume-role.sh

Last active May 31, 2018 17:47
Show Gist options
  • Save lrvick/e6c516537e54013ea0cc3e42a346511f to your computer and use it in GitHub Desktop.
Save lrvick/e6c516537e54013ea0cc3e42a346511f to your computer and use it in GitHub Desktop.
Download ZIP
Assume an AWS role for Organization accounts with shared IAM
Raw
aws-assume-role.sh
#! /bin/bash
# Usage:
# source aws-assume-role 281158451634
account=$1
unset AWS_SESSION_TOKEN
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::${account}:role/OrganizationAccountAccessRole" \
--role-session-name "$USER")
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
env | grep -i AWS_
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment