alias aws='docker pull -q amazon/aws-cli:latest 1> /dev/null && docker run --rm -i -v ~/.aws:/root/.aws -v $(pwd):/aws -e NO_COLOR=true -e AWS_PROFILE -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN amazon/aws-cli' assume-role() { ROLE=$1 if [[ -z "$ROLE" ]]; then export AWS_ACCESS_KEY_ID= export AWS_SECRET_ACCESS_KEY= export AWS_SESSION_TOKEN= else OUTPUT=$(aws sts assume-role --role-arn $ROLE --role-session-name assumed-role-session --query Credentials --color off --output json) export AWS_ACCESS_KEY_ID=$(echo $OUTPUT | jq -r .Credentials.AccessKeyId) export AWS_SECRET_ACCESS_KEY=$(echo $OUTPUT | jq -r .Credentials.SecretAccessKey) export AWS_SESSION_TOKEN=$(echo $OUTPUT | jq -r .Credentials.SessionToken) fi aws sts get-caller-identity } aws-decode-message() { ENCODED=$1 aws sts decode-authorization-message --query DecodedMessage --output text --encoded-message $ENCODED | jq -r '.context.action, .context.resource' }