AWS CLI login with environment variables assuming a specific role

10/18/2019

I am looking for a way to log in to AWS (and EKS) with the CLI, using environment variables and assuming a specific role.

Being able to assume the specific role is important, as the role I have defined is mapped to my EKS cluster, only allowing permissions in a single namespace. I am already able to log in when defining AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_DEFAULT_REGION.

I will be running this in a pipeline, so using environment variables is required. The only way I have got it to work so far is to set the env vars for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, inject them into the ~/.aws/credentials file, and create a ~/.aws/config file. I also have to unset the variables or use different variable names, as the CLI attempts to use them, which doesn't play well with the profile.

Example below:

export AWS_ACCESS_KEY_ID=*****REMOVED*****
export AWS_SECRET_ACCESS_KEY=*****REMOVED*****

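mkdir -p ~/.aws

# In ~/.aws/config a named profile needs the "profile " prefix; the credentials file does not use it.
cat <<EOT >> ~/.aws/config
[profile test]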
region = us-east-1

[profile test-profile]
region = us-west-1
role_arn = arn:aws:iam::111111111111:role/test-role
source_profile = test
EOT

cat <<EOT >> ~/.aws/credentials
[test]
aws_access_key_id = ${AWS_ACCESS_KEY_ID}
aws_secret_access_key = ${AWS_SECRET_ACCESS_KEY}
EOT

I don't mind going ahead with this approach, but it is not as clean as I'd like. Ideally all environment variables can be used for this.

-- leeman24
amazon-web-services
aws-cli
kubernetes

0 Answers
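
An added example, not part of the original question: one way to stay with environment variables only is to call `aws sts assume-role` with the base credentials already in the environment and export the temporary credentials it returns, so no long-lived key is written to ~/.aws. The function name `assume_role_env`, the default session name and the default duration are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: assume a role using environment variables only.
# Assumes the pipeline has already set AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
# and AWS_DEFAULT_REGION for the base identity that may assume the role.

# Usage: assume_role_env ROLE_ARN [SESSION_NAME] [DURATION_SECONDS]
assume_role_env() {
    _role_arn=$1
    _session=${2:-pipeline-session}   # hypothetical default, shows up in CloudTrail
    _duration=${3:-3600}

    [ -n "$_role_arn" ] || { echo "role ARN required" >&2; return 1; }

    # --query with --output text prints one tab-separated line:
    # AccessKeyId <TAB> SecretAccessKey <TAB> SessionToken
    _creds=$(aws sts assume-role \
        --role-arn "$_role_arn" \
        --role-session-name "$_session" \
        --duration-seconds "$_duration" \
        --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
        --output text) || return 1

    read -r _key _secret _token <<EOF
$_creds
EOF

    # Export nothing unless all three fields came back, so a partial
    # response never leaves a mixed set of credentials in the environment.
    if [ -z "$_key" ] || [ -z "$_secret" ] || [ -z "$_token" ]; then
        echo "unexpected assume-role output" >&2
        return 1
    fi

    # The CLI and SDKs read these three variables; the base keys are replaced
    # for the rest of this shell and the session expires after the duration.
    export AWS_ACCESS_KEY_ID="$_key"
    export AWS_SECRET_ACCESS_KEY="$_secret"
    export AWS_SESSION_TOKEN="$_token"
    unset _creds _key _secret _token
}

# Example call, using the role ARN from the question:
#   assume_role_env arn:aws:iam::111111111111:role/test-role && aws sts get-caller-identity
```

Because the base keys are overwritten in the current shell, keep a copy in differently named variables if the job needs to assume a second role later.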