AWS get the current users ARN – BASH
I have already posted on how to get the AWS username from the users arn for both Ruby and Python. But what about BASH?
I love to use Bash to quickly whip something together and the awscli makes it super easy. However the get-caller-identity method was not introduced until version 1.10 of the cli. So you may need to upgrade your cli first. On a Mac/Linux desktop/server this is easy.
pip install --upgrade awscli
This should upgrade you to the latest version. At the time of this article it is/was 1.11.2.
Now the sts get-caller-identity should be working
aws sts get-caller-identity
It will return something like this:
{ "Account": "123456789012", "UserId": "Abcdefg123456789XYZ01", "Arn": "arn:aws:iam::123456789012:user/bob" }
Now we can parse that, we can either use jq, or –query. I will show both.
First for jq, which is a favorite tool around my shop:
aws sts get-caller-identity --output json | jq -r '.Arn' | cut -f 2 -d '/'
It looks a little messy but works as long as you have jq installed, but what about –query:
aws sts get-caller-identity --output text --query 'Arn' | cut -f 2 -d '/'
I use –output text to eliminate the double quotes .
As you can see bash, IMHO, is a much easier tool to work with using the aws cli to quickly build small shell scripts.