joariasl · November 3, 2021 15:06 · Jun 18, 2020 · Jun 18, 2020 · Jun 12, 2020 · Jun 12, 2020
diff --git a/aws-sts.sh b/aws-sts.sh
@@ -99,7 +99,7 @@ if [ "${token_code}" ]; then
     command="${command} --token-code ${token_code}"
 fi
 
-result="$(eval ${command})" || exit 1;
+result=$(eval ${command}) || exit 1;
 access_key_id=$(printf '%s' "${result}" | awk '{print $1;}')
 secret_access_key=$(printf '%s' "${result}" | awk '{print $2;}')
 session_token=$(printf '%s' "${result}" | sed 's/[[:blank:]]$//g' | awk '{print $3;}')

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -99,10 +99,10 @@ if [ "${token_code}" ]; then
     command="${command} --token-code ${token_code}"
 fi
 
-result=$(eval ${command}) || exit 1;
-access_key_id=$(echo "${result}" | awk '{print $1;}')
-secret_access_key=$(echo "${result}" | awk '{print $2;}')
-session_token=$(echo "${result}" | awk '{print $3;}')
+result="$(eval ${command})" || exit 1;
+access_key_id=$(printf '%s' "${result}" | awk '{print $1;}')
+secret_access_key=$(printf '%s' "${result}" | awk '{print $2;}')
+session_token=$(printf '%s' "${result}" | sed 's/[[:blank:]]$//g' | awk '{print $3;}')
 
 aws configure set profile.${profile_set}.aws_access_key_id $access_key_id
 aws configure set profile.${profile_set}.aws_secret_access_key $secret_access_key

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -25,6 +25,7 @@ ${text_bold}SYNOPSIS${text_normal}
 
 ${text_bold}EXAMPLES${text_normal}
         Issue a STS token using example.mfa profile to set the example profile
+            $ ${script_name} --profile-mfa example.mfa --profile-set example --duration-seconds 129600 --serial-number arn:aws:iam::000000000000:mfa/iam_user
             $ ${script_name} --profile-mfa example.mfa --profile-set example --duration-seconds 129600 --serial-number arn:aws:iam::000000000000:mfa/iam_user --token-code 000000
 
                                                         ${script_name}" | less

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -5,7 +5,15 @@ text_bold=$(tput bold)
 text_normal=$(tput sgr0)
 
 showHelp() {
-  echo "${script_name}
+  echo -e "${script_name}
+
+${text_bold}DESCRIPTION${text_normal}
+        The aws configure set command can be used to set a single configuration
+        Script to issue a STS token using an AWS profile  credential  that  set
+        another AWS profile credential with  the  result  configuration  values
+        from the config file.
+
+        See '${script_name} help' for descriptions of global parameters.
 
 ${text_bold}SYNOPSIS${text_normal}
         ${script_name}
@@ -19,7 +27,7 @@ ${text_bold}EXAMPLES${text_normal}
         Issue a STS token using example.mfa profile to set the example profile
             $ ${script_name} --profile-mfa example.mfa --profile-set example --duration-seconds 129600 --serial-number arn:aws:iam::000000000000:mfa/iam_user --token-code 000000
 
-                                                        ${script_name}"
+                                                        ${script_name}" | less
 }
 
 if (( ${#@} == 0 )); then
@@ -51,7 +59,7 @@ while [ "$1" != "" ]; do
                             shift
                             token_code=$1
                             ;;
-    -h | --help )
+    help | --help | -h )
                             showHelp
                             exit 0
                             ;;

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -13,7 +13,7 @@ ${text_bold}SYNOPSIS${text_normal}
         [--profile-set <value>]
         [--duration-seconds <value>]
         [--serial-number <value>]
-        --token-code <mfa-code>
+        [--token-code <mfa-code>]
 
 ${text_bold}EXAMPLES${text_normal}
         Issue a STS token using example.mfa profile to set the example profile

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -63,9 +63,17 @@ while [ "$1" != "" ]; do
   shift
 done
 
+if [ -z "${profile_set}" ]; then
+    profile_set="default"
+fi
+
 if [ -z "${token_code}" ]; then
-    echo "--token-code is required"
-    exit 1
+    echo -n "Enter token code: "
+    read -r token_code
+    if [ -z "${token_code}" ]; then
+        echo "--token-code is required"
+        exit 1
+    fi
 fi
 
 command="aws sts get-session-token --output text --query '*.[AccessKeyId,SecretAccessKey,SessionToken]'"
@@ -82,7 +90,7 @@ if [ "${token_code}" ]; then
     command="${command} --token-code ${token_code}"
 fi
 
-result=$(eval ${command});
+result=$(eval ${command}) || exit 1;
 access_key_id=$(echo "${result}" | awk '{print $1;}')
 secret_access_key=$(echo "${result}" | awk '{print $2;}')
 session_token=$(echo "${result}" | awk '{print $3;}')

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -18,6 +18,7 @@ ${text_bold}SYNOPSIS${text_normal}
 ${text_bold}EXAMPLES${text_normal}
         Issue a STS token using example.mfa profile to set the example profile
             $ ${script_name} --profile-mfa example.mfa --profile-set example --duration-seconds 129600 --serial-number arn:aws:iam::000000000000:mfa/iam_user --token-code 000000
+
                                                         ${script_name}"
 }
 

diff --git a/aws-sts.sh b/aws-sts.sh
@@ -0,0 +1,93 @@
+#!/bin/bash
+script_name=`basename "$0"`
+
+text_bold=$(tput bold)
+text_normal=$(tput sgr0)
+
+showHelp() {
+  echo "${script_name}
+
+${text_bold}SYNOPSIS${text_normal}
+        ${script_name}
+        [--profile-mfa <value>]
+        [--profile-set <value>]
+        [--duration-seconds <value>]
+        [--serial-number <value>]
+        --token-code <mfa-code>
+
+${text_bold}EXAMPLES${text_normal}
+        Issue a STS token using example.mfa profile to set the example profile
+            $ ${script_name} --profile-mfa example.mfa --profile-set example --duration-seconds 129600 --serial-number arn:aws:iam::000000000000:mfa/iam_user --token-code 000000
+                                                        ${script_name}"
+}
+
+if (( ${#@} == 0 )); then
+	showHelp
+	exit 1
+fi
+
+while [ "$1" != "" ]; do
+  case $1 in
+    --profile-mfa )
+                            shift
+                            profile_mfa=$1
+                            ;;
+    --profile-set )
+                            shift
+                            profile_set=$1
+                            ;;
+    --duration-seconds )
+                            shift
+                            duration_seconds=$1
+                            ;;
+
+    --serial-number )
+                            shift
+                            serial_number=$1
+                            ;;
+
+    --token-code )
+                            shift
+                            token_code=$1
+                            ;;
+    -h | --help )
+                            showHelp
+                            exit 0
+                            ;;
+    * )
+                            showHelp
+                            exit 1
+                            ;;
+  esac
+  shift
+done
+
+if [ -z "${token_code}" ]; then
+    echo "--token-code is required"
+    exit 1
+fi
+
+command="aws sts get-session-token --output text --query '*.[AccessKeyId,SecretAccessKey,SessionToken]'"
+if [ "${profile_mfa}" ]; then
+    command="${command} --profile ${profile_mfa}"
+fi
+if [ "${duration_seconds}" ]; then
+    command="${command} --duration-seconds ${duration_seconds}"
+fi
+if [ "${serial_number}" ]; then
+    command="${command} --serial-number ${serial_number}"
+fi
+if [ "${token_code}" ]; then
+    command="${command} --token-code ${token_code}"
+fi
+
+result=$(eval ${command});
+access_key_id=$(echo "${result}" | awk '{print $1;}')
+secret_access_key=$(echo "${result}" | awk '{print $2;}')
+session_token=$(echo "${result}" | awk '{print $3;}')
+
+aws configure set profile.${profile_set}.aws_access_key_id $access_key_id
+aws configure set profile.${profile_set}.aws_secret_access_key $secret_access_key
+aws configure set profile.${profile_set}.aws_session_token $session_token
+
+exit 0