2020-04-15 01:54:11 +00:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
# This grabs the encrypted credentials file and decrypts it.
|
|
|
|
|
|
2020-04-15 20:45:57 +00:00
|
|
|
aws --profile ${AWS_PROFILE} --region ${AWS_REGION} s3 cp s3://${AWS_S3_BUCKET}/vault_creds_encrypted ./temp/vault_creds_encrypted
|
|
|
|
|
aws --profile ${AWS_PROFILE} --region ${AWS_REGION} kms decrypt --key-id ${AWS_KMS_KEY_ID} --ciphertext-blob fileb://temp/vault_creds_encrypted --output text --query Plaintext | base64 --decode > ./temp/vault_creds_decrypted
|
