Created
June 4, 2019 17:04
-
-
Save rdlu/63e8e17d9b50b19c28e646b237c88e42 to your computer and use it in GitHub Desktop.
Connecting to Amazon SSM using MFA
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| ACCOUNT_NUM=<MY_AWS_ACCOUNT_NUM> | |
| ACCOUNT_USER=<MY_AWS_ACCOUNT_USER> | |
| aws configure --profile ask-mfa list > /dev/null | |
| if [ $? -eq 0 ] | |
| then | |
| read -p "Token MFA da conta $ACCOUNT_NUM/$ACCOUNT_USER: " TOKEN | |
| aws sts get-session-token --serial-number arn:aws:iam::$ACCOUNT_NUM:mfa/$ACCOUNT_USER --profile ask-mfa --token-code $TOKEN > ~/.aws/temp_creds.json | |
| aws configure --profile default set aws_access_key_id $(jq -r ".Credentials.AccessKeyId" ~/.aws/temp_creds.json) | |
| aws configure --profile default set aws_secret_access_key $(jq -r ".Credentials.SecretAccessKey" ~/.aws/temp_creds.json) | |
| aws configure --profile default set aws_session_token $(jq -r ".Credentials.SessionToken" ~/.aws/temp_creds.json) | |
| echo "Token gerado com sucesso. Expiração: " $(jq -r ".Credentials.Expiration" ~/.aws/temp_creds.json) | |
| else | |
| # Configuring the proxy profile | |
| echo " -- Type YOUR main ACCESS KEY ID and SECRET, they will be used for asking the temporary token --" | |
| aws configure --profile ask-mfa | |
| fi | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment