@20i/aws-profile-scripts

aws-profile-scripts

Usage

# install globally - this is a private @20i package so make sure your .npmrc is set up
npm i -g @20i/aws-profile-scripts

# view usage entry
add-aws-profile --help

Scenario 1: SSO credentails

• Open your SSO link, such as: https://twentyideas.awsapps.com/start/
• Click on the project you want to authenticate with
• Select "Command line or programmatic access"
• Copy the text under "Option 2: Add a profile to your AWS credentials file"
• Run add-aws-profile <profileName> with <profileName> as the profile you want to add or replace
• Paste in the profile you copied

This will add the profile to your ~/.aws/credentials file, and create a backup of the file.

Scenario 2: MFA device

• Configure an mfa profile. This will contain an access key generated in IAM.

  # I'm creating a profile called my-project, so I need to add my-project-mfa
  aws configure --profile my-project-mfa
  

• Run aws-mfa -p my-project
  • Get the serial number for your MFA device from the AWS console. It should look something like this: arn:aws:iam::123456789123:mfa/Authenticator. You can also pass a -s flag to the aws-mfa command to keep this handy in your terminal history.
  • Enter the token from your authenticator when prompted for your OTP.

This should add a profile to your ~/.aws/credentials file with a temporary token. This command does not currently create a backup file for you, so you may want to make one yourself before running it.