name: AWS Infrastructure as Code

jobs:
  - job: demo
    displayName: Demo

    steps:
      - checkout: self

      - task: AzureCLI@2
        name: AWSSetup
        env:
          ServiceConnectionId: wifconnectionname
          SYSTEM_ACCESSTOKEN: $(System.AccessToken)
          AWS_ROLE_ARN: 'arn:aws:iam::0123456789:role/azure-devops-pipeline'
          AWS_ROLE_SESSION_NAME: azDevOpsPipeline
          AWS_REGION: us-east-1
        inputs:
          azureSubscription: wifconnectionname
          scriptType: bash
          scriptLocation: scriptPath
          scriptPath: './aws_oidc_setup.sh'

      - task: AzureCLI@2
        name: ShowFederation
        env:
          ServiceConnectionId: wifconnectionname
          SYSTEM_ACCESSTOKEN: $(System.AccessToken)
          AWS_ACCESS_KEY_ID: $(AWSSetup.accessKeyId)
          AWS_SECRET_ACCESS_KEY: $(AWSSetup.secretAccessKey)
          AWS_SESSION_TOKEN: $(AWSSetup.sessionToken)
        inputs:
          azureSubscription: wifconnectionname
          workingDirectory: '.'
          scriptType: bash
          scriptLocation: 'inlineScript'
          inlineScript: |
            aws sts get-caller-identity