ErvalhouS · April 5, 2021 02:05
diff --git a/aws_mfa.sh b/aws_mfa.sh
 #!/bin/bash
 AWS_ACCESS_KEY_ID=""
 AWS_SECRET_ACCESS_KEY=""
 AWS_SESSION_TOKEN=""
 (
  echo "Welcome to AWS CLI MFA 😎"
  if [ -z "$MFA_DEVICE_ARN" ]; then
    echo "Your Multi-factor authentication device has an ARN visible at: https://console.aws.amazon.com/iam/home?region=us-east-1#/security_credentials"
    echo
    echo "You can export your MFA device ARN as MFA_DEVICE_ARN environmental variable to avoid having to input it every time. Just add something like this to your equivalent of a ~/.bash_profile"
    echo "export MFA_DEVICE_ARN=arn:a-very-long:unique-id:to-your-mfa-device:on-aws"
    echo
    echo -n "Please enter your MFA device's ARN: "
    read MFA_DEVICE_ARN
  fi
  echo "Get a code from your authenticator of choice."
  echo -n "Please enter your code: "
  read token_code

  if AWS_PROFILE="default" aws sts get-session-token --serial-number $MFA_DEVICE_ARN --token-code $token_code > /tmp/mfa_result; then
  else
    set -e
    echo "Please try again..."
    echo
    echo "Get a code from your authenticator of choice."
    echo -n "Please enter your code: "
    read token_code

    AWS_PROFILE="default" aws sts get-session-token --serial-number $MFA_DEVICE_ARN --token-code $token_code > /tmp/mfa_result
  fi
  export AWS_ACCESS_KEY_ID=`cat /tmp/mfa_result | jq -r '.Credentials.AccessKeyId'`
  export AWS_SECRET_ACCESS_KEY=`cat /tmp/mfa_result | jq -r '.Credentials.SecretAccessKey'`
  export AWS_SESSION_TOKEN=`cat /tmp/mfa_result | jq -r '.Credentials.SessionToken'`
  export AWS_PROFILE="mfa"
  export AWS_REGION="us-east-1"
  rm /tmp/mfa_result

  echo
  echo -e " 📣 SUCCESS❗❗🍺"
 )
	#!/bin/bash
	AWS_ACCESS_KEY_ID=""
	AWS_SECRET_ACCESS_KEY=""
	AWS_SESSION_TOKEN=""
	(
	echo "Welcome to AWS CLI MFA 😎"
	if [ -z "$MFA_DEVICE_ARN" ]; then
	echo "Your Multi-factor authentication device has an ARN visible at: https://console.aws.amazon.com/iam/home?region=us-east-1#/security_credentials"
	echo
	echo "You can export your MFA device ARN as MFA_DEVICE_ARN environmental variable to avoid having to input it every time. Just add something like this to your equivalent of a ~/.bash_profile"
	echo "export MFA_DEVICE_ARN=arn:a-very-long:unique-id:to-your-mfa-device:on-aws"
	echo
	echo -n "Please enter your MFA device's ARN: "
	read MFA_DEVICE_ARN
	fi
	echo "Get a code from your authenticator of choice."
	echo -n "Please enter your code: "
	read token_code

	if AWS_PROFILE="default" aws sts get-session-token --serial-number $MFA_DEVICE_ARN --token-code $token_code > /tmp/mfa_result; then
	else
	set -e
	echo "Please try again..."
	echo
	echo "Get a code from your authenticator of choice."
	echo -n "Please enter your code: "
	read token_code

	AWS_PROFILE="default" aws sts get-session-token --serial-number $MFA_DEVICE_ARN --token-code $token_code > /tmp/mfa_result
	fi
	export AWS_ACCESS_KEY_ID=`cat /tmp/mfa_result \| jq -r '.Credentials.AccessKeyId'`
	export AWS_SECRET_ACCESS_KEY=`cat /tmp/mfa_result \| jq -r '.Credentials.SecretAccessKey'`
	export AWS_SESSION_TOKEN=`cat /tmp/mfa_result \| jq -r '.Credentials.SessionToken'`
	export AWS_PROFILE="mfa"
	export AWS_REGION="us-east-1"
	rm /tmp/mfa_result

	echo
	echo -e " 📣 SUCCESS❗❗🍺"
	)