25 lines
986 B
Plaintext
25 lines
986 B
Plaintext
alias aws='docker pull -q amazon/aws-cli:latest 1> /dev/null && docker run --rm -i -v ~/.aws:/root/.aws -v $(pwd):/aws -e NO_COLOR=true -e AWS_PROFILE -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN amazon/aws-cli'
|
|
|
|
assume-role() {
|
|
ROLE=$1
|
|
|
|
if [[ -z "$ROLE" ]]; then
|
|
export AWS_ACCESS_KEY_ID=
|
|
export AWS_SECRET_ACCESS_KEY=
|
|
export AWS_SESSION_TOKEN=
|
|
else
|
|
OUTPUT=$(aws sts assume-role --role-arn $ROLE --role-session-name assumed-role-session --query Credentials --output json)
|
|
|
|
export AWS_ACCESS_KEY_ID=$(echo $OUTPUT | jq -r .AccessKeyId)
|
|
export AWS_SECRET_ACCESS_KEY=$(echo $OUTPUT | jq -r .SecretAccessKey)
|
|
export AWS_SESSION_TOKEN=$(echo $OUTPUT | jq -r .SessionToken)
|
|
fi
|
|
|
|
aws sts get-caller-identity
|
|
}
|
|
|
|
aws-decode-message() {
|
|
ENCODED=$1
|
|
aws sts decode-authorization-message --query DecodedMessage --output text --encoded-message $ENCODED | jq -r '.context.action, .context.resource'
|
|
}
|