Added aws-specific helpers

.dotfiles/aliases

@@ -14,5 +14,3 @@ lt() {
   fi
   ls -l --tree -L $DEPTH -I ".git|cache|log|logs|node_modules|vendor" $@
 }
-
-alias aws='docker run --rm -ti -v ~/.aws:/root/.aws -v $(pwd):/aws -e AWS_PROFILE -e AWS_DEFAULT_REGION -e AWS_REGION amazon/aws-cli'

.dotfiles/aws

@@ -0,0 +1,24 @@
+alias aws='docker pull -q amazon/aws-cli:latest 1> /dev/null && docker run --rm -i -v ~/.aws:/root/.aws -v $(pwd):/aws -e NO_COLOR=true -e AWS_PROFILE -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN amazon/aws-cli'
+
+assume-role() {
+  ROLE=$1
+
+  if [[ -z "$ROLE" ]]; then
+    export AWS_ACCESS_KEY_ID=
+    export AWS_SECRET_ACCESS_KEY=
+    export AWS_SESSION_TOKEN=
+  else
+    OUTPUT=$(aws sts assume-role --role-arn $ROLE --role-session-name assumed-role-session --query Credentials --color off --output json)
+
+    export AWS_ACCESS_KEY_ID=$(echo $OUTPUT | jq -r .Credentials.AccessKeyId)
+    export AWS_SECRET_ACCESS_KEY=$(echo $OUTPUT | jq -r .Credentials.SecretAccessKey)
+    export AWS_SESSION_TOKEN=$(echo $OUTPUT | jq -r .Credentials.SessionToken)
+  fi
+
+  aws sts get-caller-identity
+}
+
+aws-decode-message() {
+  ENCODED=$1
+  aws sts decode-authorization-message --query DecodedMessage --output text --encoded-message $ENCODED | jq -r '.context.action, .context.resource'
+}