Source the CSV IAM credential download in BASH

csv2aws.bash

#!/usr/bin/env bash

set -o pipefail -e -u

[[ ${#@} -eq 1 && "$1" =~ .csv$ ]] || {
  echo "ERROR: need a CSV file to convert" >&2
  exit 1
}

CSV_FILE="$1"

[[ -s ${CSV_FILE} ]] || {
  echo "ERROR: CSV file is empty of missing" >&2
  exit 1
}

BASH_FILE="${CSV_FILE%.csv}.bash"

echo "INFO: writing bash env config in ${BASH_FILE}"

cat <<EOF >| ${BASH_FILE}
export AWS_ACCESS_KEY_ID="$(while IFS=, read USER_NAME PASSWORD AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY CONSOLE_URL; do [[ ${AWS_ACCESS_KEY_ID} =~ ^[A-Z0-9]{20}$ ]] && echo ${AWS_ACCESS_KEY_ID};done<${CSV_FILE})"
export AWS_SECRET_ACCESS_KEY="$(while IFS=, read USER_NAME PASSWORD AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY CONSOLE_URL; do [[ ${AWS_SECRET_ACCESS_KEY} =~ ^[a-zA-Z0-9/+]{40}$ ]] && echo ${AWS_SECRET_ACCESS_KEY};done<${CSV_FILE})"
EOF
source ${BASH_FILE}


if which aws &>/dev/null; then
  if which jq &>/dev/null; then
    aws --output json sts get-caller-identity | jq
  else
    aws --output text sts get-caller-identity
  fi
else
  echo "WARN: missing \"aws\" command, unable to verify sourced identity" >&2
fi

echo "INFO: You may become this IAM user again in the future by running \"source ${BASH_FILE}\""

# the script accepts one positional param which is the file path to a 
#  CSV file downloaded from IAM console when creating a new Access Key
❯ cat /tmp/aws-iam-acme-user.csv
User name,Password,Access key ID,Secret access key,Console login link
aws-iam-acme-user,,AIDAUC42NGU63VROHKO6K,xhZiyrWSigOZXe6pDNSvNrqz2bS1hJnnPOjj2QOh,https://acme-console.signin.aws.amazon.com/console

❯ ./csv2aws.bash /tmp/aws-iam-acme-user.csv
INFO: writing bash env config in /tmp/aws-iam-acme-user.bash
{
  "UserId": "AIDAUC42NGU63VROHKO6K",
  "Account": "281197317981",
  "Arn": "arn:aws:iam::281197317981:user/aws-iam-acme-user"
}
INFO: You may become this IAM user again in the future by running "source /tmp/aws-iam-acme-user.bash"