https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html
vim aws-sso-login.sh
#!/bin/bash
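# Interactive AWS SSO login helper: pick a profile, log in, and export
# temporary role credentials into the current shell.
#
# This file is meant to be *sourced* (see the `sso` alias), so it must not
# call `exit` or enable `set -e`; either would affect the caller's interactive
# shell. Every failure path leaves the loop with `break` instead.
select profile in stg perf prod platform
do
  # An out-of-range answer leaves $profile empty; ask again rather than
  # exporting an empty AWS_PROFILE.
  if [[ -z "$profile" ]]; then
    echo "Invalid selection" >&2
    continue
  fi

  # Environment credentials take precedence over AWS_PROFILE. Clear anything
  # left from a previous run first, so a failure below cannot leave one
  # account's keys active while AWS_PROFILE names another.
  unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN

  export AWS_PROFILE="$profile"
  echo "AWS_PROFILE=$AWS_PROFILE"

  # Output is deliberately not filtered through grep: the filter matched the
  # CLI's misspelled "Successully" banner, so it printed nothing once the
  # wording changed, it hid the authorization URL and any verification code
  # the user is expected to compare in the browser, and it masked the exit
  # status of the login itself.
  if ! aws sso login; then
    echo "aws sso login failed for profile $profile" >&2
    break
  fi

  # Newest non-botocore file in the SSO cache, found with a glob and -nt
  # instead of parsing `ls` output.
  # NOTE(review): "newest file" is a heuristic; with several SSO sessions the
  # newest token may belong to a different start URL. Confirm before relying
  # on it.
  cache_dir="$HOME/.aws/sso/cache"
  sso_cached_file=""
  for candidate in "$cache_dir"/*; do
    [[ -f "$candidate" ]] || continue
    [[ "${candidate##*/}" == *botocore* ]] && continue
    if [[ -z "$sso_cached_file" || "$candidate" -nt "$sso_cached_file" ]]; then
      sso_cached_file="$candidate"
    fi
  done
  if [[ -z "$sso_cached_file" ]]; then
    echo "No SSO token cache file found in $cache_dir" >&2
    break
  fi

  account=$(aws configure get sso_account_id)
  roleName=$(aws configure get sso_role_name)
  # `// empty` turns a missing key into an empty string instead of "null".
  accessToken=$(jq -r '.accessToken // empty' "$sso_cached_file")
  if [[ -z "$account" || -z "$roleName" || -z "$accessToken" ]]; then
    echo "Missing sso_account_id, sso_role_name or cached access token for $profile" >&2
    break
  fi

  # The access token is passed as a command-line argument, so it is briefly
  # visible in the local process list. Newer AWS CLI v2 releases offer
  # `aws configure export-credentials`, which avoids both the cache-file
  # lookup and the argv exposure.
  if ! roleCredentials=$(aws sso get-role-credentials \
      --account-id="$account" \
      --role-name="$roleName" \
      --access-token="$accessToken" \
      --no-cli-pager); then
    echo "aws sso get-role-credentials failed for $profile" >&2
    break
  fi

  AWS_ACCESS_KEY_ID=$(jq -r '.roleCredentials.accessKeyId // empty' <<<"$roleCredentials")
  AWS_SECRET_ACCESS_KEY=$(jq -r '.roleCredentials.secretAccessKey // empty' <<<"$roleCredentials")
  AWS_SESSION_TOKEN=$(jq -r '.roleCredentials.sessionToken // empty' <<<"$roleCredentials")
  if [[ -z "$AWS_ACCESS_KEY_ID" || -z "$AWS_SECRET_ACCESS_KEY" || -z "$AWS_SESSION_TOKEN" ]]; then
    echo "Role credentials response was incomplete for $profile" >&2
    unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
    break
  fi
  export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN

  # Show which identity the exported credentials resolve to.
  aws sts get-caller-identity --no-cli-pager
  break
done
# Sourced scripts share the caller's variables: do not leave the SSO access
# token or the raw credentials JSON behind in the interactive shell.
unset accessToken roleCredentials sso_cached_file cache_dir candidate account roleName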
vim ~/.bashrc
alias sso="source /path/to/aws-sso-login.sh"
sso
1) stg
2) prod
#? 1
AWS_PROFILE=stg
Successully logged into Start URL: https://d-xxxxxxxxxx.awsapps.com/start
{
"UserId": "XXXXXXXXXXXXXXXXXXXXX:user@example.com",
"Account": "xxxxxxxxxxxx",
"Arn": "arn:aws:sts::xxxxxxxxxxxx:assumed-role/yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
}
terraform init