· 6 years ago · Jun 23, 2019, 03:10 PM
1$source_profile = "default"
2$region = "ap-southeast-2"
3$role_arn = "arn:aws:iam::account_id:role/role-test"
4$target_profile = "test"
5$target_profile_path = "$HOME\.aws\credentials"
6$session_name = "test"
7
8# Assume Role
9$Response = (Use-STSRole -Region $region -RoleArn $role_arn -RoleSessionName $session_name -ProfileName $source_profile).Credentials
10
11# Export Crendentail as environment variable
12$env:AWS_ACCESS_KEY_ID=$Response.AccessKeyId
13$env:AWS_SECRET_ACCESS_KEY=$Response.SecretAccessKey
14$env:AWS_SESSION_TOKEN=$Response.SessionToken
15
16# Create Profile with Credentials
17Set-AWSCredential -StoreAs $target_profile -ProfileLocation $target_profile_path -AccessKey $Response.AccessKeyId -SecretKey $Response.SecretAccessKey -SessionToken $Response.SessionToken
18
19# Print expiration time
20Write-Host("Credentials will expire at: " + $Response.Expiration)