simzor·4년 전·discussMakes operating AWS CLI against a user with MFA enabled easier---------#!/bin/shecho "Store and retrieve session token AWS STS \n\n"# Get source profile read -p "Source Profile [<profile_name>]: " source_profile source_profile=${source_profile:-'<profile_name>'} echo $source_profile# Get destination profile read -p "Destination Profile [<profile_name>-mfa]: " destination_profile destination_profile=${destination_profile:-'<profile_name>-mfa'} echo $destination_profilemfa_serial_number='arn:aws:iam::<id>:mfa/<name>'echo "\nOTP: " read -p "One Time Password (OTP): " otpecho "\nOTP:" $otp echo "\n"output=$(aws sts get-session-token --profile <profile_name> --serial-number $mfa_serial_number --output json --token-code $otp)echo $outputaccess_key_id=$(echo $output | jq .Credentials.AccessKeyId | tr -d '"') secret_access_key=$(echo $output | jq .Credentials.SecretAccessKey | tr -d '"') session_token=$(echo $output | jq .Credentials.SessionToken | tr -d '"')aws configure set aws_access_key_id $access_key_id --profile=$destination_profile aws configure set aws_secret_access_key $secret_access_key --profile=$destination_profile aws configure set aws_session_token $session_token --profile=$destination_profileecho "Configured AWS for profile" $destination_profile