Skip to content
Snippets Groups Projects
Select Git revision
  • 0e33c704ede9b9d62797ee2a521d63f74b927f45
  • master default
2 results

ntp.yml

Blame
    • assume-role 977 B
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40 
    

    

    

    #!/bin/sh
set -eu

# This script runs the AWS assume-role command, captures the output, sets the
# environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and
# AWS_SESSION_TOKEN) and executes the command given.

usage() {
    echo "$(basename "$0"): [-h|--help] ROLE_ARN COMMAND [PARAMETER [PARAMETER ...]]"
}

command -v aws > /dev/null || { echo 'Cannot find the AWS CLI, exiting.' >&2; exit 1; }

if [ "$#" -lt 2 ]
then
    usage
    exit 1
fi

role_arn="$1"
shift

credentials="$(aws sts assume-role \
    --output text \
    --duration-seconds 3600 \
    --role-arn "$role_arn" \
    --role-session-name 'CircleCI_executor')"

AWS_ACCESS_KEY_ID="$(echo "$credentials" | awk 'NR == 2 {print $2}')"
AWS_SECRET_ACCESS_KEY="$(echo "$credentials" | awk 'NR == 2 {print $4}')"
AWS_SESSION_TOKEN="$(echo "$credentials" | awk 'NR == 2 {print $5}')"

export AWS_ACCESS_KEY_ID
export AWS_SECRET_ACCESS_KEY
export AWS_SESSION_TOKEN

unset AWS_SECURITY_TOKEN

eval exec "$@"