diff --git a/00-dev-environment/answers.md b/00-dev-environment/answers.md new file mode 100644 index 00000000..b404c79e --- /dev/null +++ b/00-dev-environment/answers.md @@ -0,0 +1,8 @@ +# This file holds all answers and reference to scripts for module 00 + +## Exercise 0.1.1: MFA Script + +- The script "creds.sh" helps reduce the manual effort of gathering and assigning of the temporary AWS MFA credentials + +- All you need to do is run the script like this below: + - ./creds.sh -e -t diff --git a/00-dev-environment/creds.sh b/00-dev-environment/creds.sh new file mode 100755 index 00000000..24c74a6b --- /dev/null +++ b/00-dev-environment/creds.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# inputs needed - environment (ENV) and code (TOKEN) +echo $@ +POSITIONAL=() +while [[ $# -gt 0 ]] +do +key="$1" + +case $key in + -e|--env) + ENV="$2" + shift # past argument + shift # past value + ;; + -t|--token) + TOKEN="$2" + shift # past argument + shift # past value + ;; + *) # unknown option + POSITIONAL+=("$1") # save it in an array for later + shift # past argument + ;; +esac +done +set -- "${POSITIONAL[@]}" # restore positional parameters + +if [ "${ENV}" = "lab" ]; then + SERIAL='arn:aws:iam::324320755747:mfa/fidelis.ogunsanmi.labs' +fi + +echo "Configuring $ENV with token $TOKEN" +CREDJSON="$(aws sts get-session-token --serial-number $SERIAL --profile $ENV --token-code $TOKEN)" + +ACCESSKEY="$(echo $CREDJSON | jq '.Credentials.AccessKeyId' | sed 's/"//g')" +SECRETKEY="$(echo $CREDJSON | jq '.Credentials.SecretAccessKey' | sed 's/"//g')" +SESSIONTOKEN="$(echo $CREDJSON | jq '.Credentials.SessionToken' | sed 's/"//g')" +PROFILENAME="$ENV"mfa + +# echo "Profile $PROFILENAME AccessKey $ACCESSKEY SecretKey $SECRETKEY" +# echo "SessionToken $SESSIONTOKEN" + +aws configure set aws_access_key_id $ACCESSKEY --profile $PROFILENAME +aws configure set aws_secret_access_key $SECRETKEY --profile $PROFILENAME +aws configure set aws_session_token $SESSIONTOKEN --profile $PROFILENAME +