jengo · July 21, 2021 18:19
diff --git a/sts.sh b/sts.sh
 #!/bin/bash

 # Written by Jolene Engo <[email protected]>
 # This is a script that you can use with your MFA token to get an STS token from AWS.
 # Example way to run: source sts.sh <token>
 # You MUST source this file or the environment varibles will not be set

 export AWS_ACCESS_KEY_ID=
 export AWS_DEFAULT_REGION=
 export AWS_SECRET_ACCESS_KEY=
 ACCOUNT_ID=
 IAM_USER=

 # If it is already set, it will fail to set a new one
 unset AWS_SESSION_TOKEN

 if [ $# -eq 1 ]; then
 	CREDS=$(aws sts get-session-token --serial-number arn:aws:iam::${ACCOUNT_ID}:mfa/${IAM_USER} --token-code $1)
 	export AWS_ACCESS_KEY_ID=$(echo $CREDS | jq -r .Credentials.AccessKeyId)
 	export AWS_SECRET_ACCESS_KEY=$(echo $CREDS | jq -r .Credentials.SecretAccessKey)
 	export AWS_SESSION_TOKEN=$(echo $CREDS | jq -r .Credentials.SessionToken)
 	echo "Temporary credentials setup"
 else
 	echo "Pass your mfa token as an argument"
 fi
	#!/bin/bash

	# Written by Jolene Engo <[email protected]>
	# This is a script that you can use with your MFA token to get an STS token from AWS.
	# Example way to run: source sts.sh <token>
	# You MUST source this file or the environment varibles will not be set

	export AWS_ACCESS_KEY_ID=
	export AWS_DEFAULT_REGION=
	export AWS_SECRET_ACCESS_KEY=
	ACCOUNT_ID=
	IAM_USER=

	# If it is already set, it will fail to set a new one
	unset AWS_SESSION_TOKEN

	if [ $# -eq 1 ]; then
	CREDS=$(aws sts get-session-token --serial-number arn:aws:iam::${ACCOUNT_ID}:mfa/${IAM_USER} --token-code $1)
	export AWS_ACCESS_KEY_ID=$(echo $CREDS \| jq -r .Credentials.AccessKeyId)
	export AWS_SECRET_ACCESS_KEY=$(echo $CREDS \| jq -r .Credentials.SecretAccessKey)
	export AWS_SESSION_TOKEN=$(echo $CREDS \| jq -r .Credentials.SessionToken)
	echo "Temporary credentials setup"
	else
	echo "Pass your mfa token as an argument"
	fi