AWS get the current users ARN – BASH

AWS get the current users ARN – BASH

I have already posted on how to get the AWS username from the users arn for both Ruby and Python. But what about BASH?

I love to use Bash to quickly whip something together and the awscli makes it super easy. However the get-caller-identity method was not introduced until version 1.10 of the cli. So you may need to upgrade your cli first. On a Mac/Linux desktop/server this is easy.

pip install --upgrade awscli

This should upgrade you to the latest version. At the time of this article it is/was 1.11.2.

Now the sts get-caller-identity should be working

aws sts get-caller-identity

It will return something like this:

{
"Account": "123456789012",
"UserId": "Abcdefg123456789XYZ01",
"Arn": "arn:aws:iam::123456789012:user/bob"
}

Now we can parse that, we can either use jq, or –query. I will show both.

First for jq, which is a favorite tool around my shop:

aws sts get-caller-identity --output json | jq -r '.Arn' | cut -f 2 -d '/'

It looks a little messy but works as long as you have jq installed, but what about –query:

aws sts get-caller-identity --output text --query 'Arn' | cut -f 2 -d '/'

I use –output text to eliminate the double quotes .

As you can see bash, IMHO, is a much easier tool to work with using the aws cli to quickly build small shell scripts.

 

Comments are closed.