sh AWS cli实用程序脚本
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了sh AWS cli实用程序脚本相关的知识,希望对你有一定的参考价值。
#! /bin/bash
# 1) rename or link the name of the role you want to assume to this file
# : ln -s <this script> account-superAdmin
# 2) make sure you have a matching profile in ~/.aws/config
# : [profile account-superAdmin]
# : source_profile = account
# : role_arn = arn:aws:iam::<account number>:role/superAdmin
# : mfa_serial = arn:aws:iam::<account number>:mfa/<iam user>
# 3) run this script with . (aka source) to export the variables
# : . ./<this script>
# or eval the output
# : eval $(./<this script>)
PROFILE="${0##*/}"
PROFILE_CMD="--profile ${PROFILE}"
USER_NAME=$(logname)
AWS_SHARED_CREDENTIAL_FILE="${AWS_SHARED_CREDENTIAL_FILE:-${HOME}/.aws/config}"
ROLE_ARN=$(sed -n "/${PROFILE}/"',/^$/!d;s/role_arn *= *\(.*\)/\1/p' "${AWS_SHARED_CREDENTIAL_FILE}")
## TODO
## REQUIRES: iam:ListRoles
# ROLE_ARN=$(aws ${PROFILE_CMD} iam list-roles --query "(Roles[?RoleName=='${PROFILE##*-}'].Arn)[0]")
## REQUIRES: iam:ListMFADevices
# MFA_ARN=$(aws ${PROFILE_CMD} iam list-mfa-devices --user-name "${USER_NAME}" --query "(MFADevices[].SerialNumber)[0]")
TICKET=$(aws ${PROFILE_CMD} sts assume-role --role-session-name "${USER_NAME}-${PROFILE}" \
--role-arn "${ROLE_ARN}" \
--query "Credentials.{AWS_ACCESS_KEY_ID:AccessKeyId,AWS_SECRET_ACCESS_KEY:SecretAccessKey,AWS_SESSION_TOKEN:SessionToken}")
TICKET="${TICKET//[ ,\"\}\{]}"
TICKET="${TICKET//:/=}"
AWS=$(for var in ${TICKET}; do echo "export ${var}"; done)
eval ${AWS}
echo ${AWS}
以上是关于sh AWS cli实用程序脚本的主要内容,如果未能解决你的问题,请参考以下文章
模仿 AWS CLI / gcloud 命令行参数
sh install-aws-cli.sh
sh AWS CLIの导入
sh AWS CLI命令
sh AWS CLI设置
sh AWS CLI S3删除目录