updated few scripts

get-temporary-access-secret-key/README.md

@@ -0,0 +1,14 @@
+# get-temporary-access-secret-key
+
+This script will generate a pair of access key and secret key with `SESSION_TOKEN` to run scripts which do not have Assume Role facility. The script takes 2 inputs, AWS profile name and AWS region.
+
+Example output:
+```
+export AWS_DEFAULT_REGION=ap-southeast-1	(you can change this without re-running the script)
+export AWS_ACCESS_KEY="ASIAAccessKeyId76VA"
+export AWS_SECRET_KEY="fH5C1IQzSecretAccessKeyO6CuQKW"
+export AWS_SESSION_TOKEN="FQSessionTokenYghVyiHnpjVBQ=="
+export AWS_DEFAULT_OUTPUT=text
+```
+
+Just copy paste the above output in a terminal and you are good to go. Make sure to input ROLENAME in the script.

get-temporary-access-secret-key/get-temporary-access-secret-key.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+
+
+usage() {
+	echo 'Set AWS access key, secret key and session token from STS (default 1 hour duration)
+Usage:
+./script.sh <AWS_PROFILE_NAME> <AWS_REGION>
+'
+
+}
+
+if [ "$#" -ne 2 ]; then
+	usage
+else
+	export PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:$PATH
+	ACCOUNT_ID="$(aws --profile "$1" sts get-caller-identity --query 'Account' --output text)"
+	CREDS_JSON="$(aws --profile "$1" sts assume-role --role-arn "arn:aws:iam::$ACCOUNT_ID:role/<ROLENAME>" --role-session-name "sts-creds-$(date +%s)" --output json)"
+
+	echo
+	echo "### PROFILE $1 ###"
+	echo
+	echo 'export AWS_DEFAULT_REGION='"$2"
+	echo 'export AWS_ACCESS_KEY_ID='$(echo "$CREDS_JSON" | jq '.Credentials | .AccessKeyId')
+	echo 'export AWS_SECRET_ACCESS_KEY='$(echo "$CREDS_JSON" | jq '.Credentials | .SecretAccessKey')
+	echo 'export AWS_SESSION_TOKEN='$(echo "$CREDS_JSON" | jq '.Credentials | .SessionToken')
+	echo 'export AWS_DEFAULT_OUTPUT=text'
+	echo
+fi