Skip to content

sweharris/aws-cli-mfa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
COPYING.txt
COPYING.txt
 
 
README.md
README.md
 
 
clearaws
clearaws
 
 
ec2
ec2
 
 
get-aws-creds
get-aws-creds
 
 
get-creds-from-role
get-creds-from-role
 
 
getaws
getaws
 
 

Repository files navigation

If your AWS account has "must MFA" access then typically you can't do much from the CLI until you get temporary credentials.

get-aws-creds - This is the main script that will talk to the endpoints, discover your account, what MFA token is assigned, request the credentials and allow them to be exported. Typically you would do something like

eval $(AWS_PROFILE=myprofile get-aws-creds)

getaws - This is a simple function that unsets the main AWS variables and then calls the eval command

getaws myprofile

clearaws - Just unsets the main AWS variables

get-creds-from-role - Use the meta-data service to get access tokens for the role associated to this machine

ec2 - Example of using get-creds-from-role

EXAMPLE

% getaws gcsf
You are: sweharris
Your MFA device is: arn:aws:iam::123456789012:mfa/sweharris
Enter your MFA code now: 299255
Keys valid until 2017-11-04T02:12:13Z

Or

% ec2
Keys valid until 2024-05-24T21:21:41Z

% aws sts get-caller-identity
{
    "UserId": "ABCDEFGHIJKLMNOPQRSTY:i-01234567890abcdef",
    "Account": "123456789012",
    "Arn": "arn:aws:sts::123456789012:assumed-role/EC2PowerUser/i-01234567890abcdef"
}

About

Script to help get MFA credentials for AWS CLI tools

Resources

Readme

License

GPL-2.0 license
Activity

Stars

25 stars

Watchers

2 watching

Forks

16 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages