SkaTeMasTer
10/1/2016 - 4:14 AM

force sts command to use json output format. others formats will cause

force sts command to use json output format. others formats will cause


  roleArn="arn:aws:iam::"
  roleArn+="$destinationAccountNumber"
  roleArn+=":role/"
  roleArn+="$rolename"

  serialArn="arn:aws:iam::"
  serialArn+="$sourceAccountNumber"
  serialArn+=":mfa/"
  serialArn+="$username"

  commandResult=" "
  commandResult+=$(aws sts assume-role --output json \
                  --role-arn $roleArn \
                  --role-session-name iam-role-injector \
                  --serial-number $serialArn \
                  --query 'Credentials.[SecretAccessKey, SessionToken, AccessKeyId]' \
                  --token-code $tokenCode)

  size=${#commandResult}
  if (( $size > 5 )); then
    commandResult1=$(echo "$commandResult" | sed '5d' | sed '1d' | tr -d '\040\011\012\015' | sed 's/\"//g')
    echo "You have assumed the $rolename role successfully."
    arg1=$(echo "$commandResult1" | cut -d "," -f1)
    export AWS_SECRET_ACCESS_KEY=$arg1
    arg2=$(echo "$commandResult1" | cut -d "," -f2)
    # Set AWS_SESSION_TOKEN and AWS_SECURITY_TOKEN for backwards compatibility
    # See: http://boto3.readthedocs.org/en/latest/guide/configuration.html
    export AWS_SECURITY_TOKEN=$arg2
    export AWS_SESSION_TOKEN=$arg2
    arg3=$(echo "$commandResult1" | cut -d "," -f3)
    export AWS_ACCESS_KEY_ID=$arg3
  fi