
aws-mfa-profile
Helper class to make MFA authentication easier when it's required for local development.
Sets up an [mfa] profile with an STS token. Helpful in environments where MFA is required even for development access.
Set up the AWS CLI with an access key and secret for the target MFA account.
> aws configure
Install this tool globally.
> npm install aws-mfa-profile -g
To start the MFA process, run:
> aws-mfa-profile
Starting ...
What is your MFA device ID? It should be in the format arn:aws:iam::ACCOUNT_ID:mfa/USERNAME.
>
Respond to the prompt with the 'Assigned MFA device' value from your IAM profile page. It's within the 'Security Credentials' tab.
What is your current mfa token?
>
Next, supply a token from your MFA device.
To use your session, use the profile mfa via --profile default-mfa (serverles is --aws-profile default-mfa)
When it's complete you will see a message indicating you should use --profile default-mfa. So for all of your AWS commands (or serverless.com commands) you will provide --profile default-mfa as an argument.
You can provide --profile as an argument to select a different profile to authenticate with. The MFA profile is named after this value, so if the profile you provide is 'foo' then the MFA credentials will be saved under 'foo-mfa'.
Nope, each time you run it, it will overwrite the current MFA configuration.
The AWS credentials file (~/.aws/credentials) is used to create the token and is then updated with an additional profile when a token is successfully added.
[default]
aws_access_key_id = SOME_ACCESS_KEY_ID
aws_secret_access_key = SOME_SECRET_ACCESS_KEY
[default-mfa]
serial_number = arn:aws:iam::YOUR_ACCOUNT_ID:mfa/USERNAME
aws_access_key_id = SOME_ACCESS_KEY_ID
aws_secret_access_key = SOME_SECRET_ACCESS_KEY
aws_session_token = SOME_BIG_LONG_SESSION_ID
expiration = 2018-10-23T14:06:33.000Z
https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/
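As an added example (not the package's own code), the credentials-file update described above in Python: it writes the '<profile>-mfa' section with the GetSessionToken result, overwriting any previous session as the README says, and adds two checks the README does not show: validation of the device ARN format and a test of whether the saved session has expired. The function names and the constructed sample values are my own; boto3 is assumed to be installed only for the fetch function, which is the one call that talks to AWS.

```python
import configparser
import re
from datetime import datetime, timezone

# Device ARN format the tool's prompt asks for: arn:aws:iam::ACCOUNT_ID:mfa/USERNAME
MFA_SERIAL_RE = re.compile(r"^arn:aws:iam::\d{12}:mfa/[\w+=,.@-]+$")
EXPIRATION_FMT = "%Y-%m-%dT%H:%M:%S.%fZ"  # parses "2018-10-23T14:06:33.000Z"

def mfa_profile_name(profile):
    """The tool's naming rule: 'default' -> 'default-mfa', 'foo' -> 'foo-mfa'."""
    return f"{profile}-mfa"

def load_credentials(path):
    """Parse an AWS credentials file (normally ~/.aws/credentials) with '%' interpolation off."""
    config = configparser.ConfigParser(interpolation=None)
    config.read(path)
    return config

def session_still_valid(config, profile, now):
    """True if '<profile>-mfa' exists and its expiration is still in the future (no re-prompt needed)."""
    section = mfa_profile_name(profile)
    if not config.has_option(section, "expiration"):
        return False
    expires = datetime.strptime(config[section]["expiration"], EXPIRATION_FMT).replace(tzinfo=timezone.utc)
    return expires > now

def write_mfa_profile(config, profile, serial, creds):
    """Overwrite '<profile>-mfa' with STS session credentials and return the section name.
    creds uses GetSessionToken's keys: AccessKeyId, SecretAccessKey, SessionToken, Expiration (datetime)."""
    if not MFA_SERIAL_RE.match(serial):
        raise ValueError(f"MFA device ID must look like arn:aws:iam::ACCOUNT_ID:mfa/USERNAME, got {serial!r}")
    section = mfa_profile_name(profile)
    if config.has_section(section):  # each run replaces the previous session, as the README says
        config.remove_section(section)
    config[section] = {
        "serial_number": serial,
        "aws_access_key_id": creds["AccessKeyId"],
        "aws_secret_access_key": creds["SecretAccessKey"],
        "aws_session_token": creds["SessionToken"],
        "expiration": creds["Expiration"].astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z"),
    }
    return section

def fetch_session_credentials(profile, serial, token_code, duration=43200):
    """Trade the long-lived '<profile>' keys plus an MFA code for a session via STS GetSessionToken.
    boto3 (assumed installed) is imported here so the file-handling functions above run without it."""
    import boto3
    sts = boto3.Session(profile_name=profile).client("sts")
    return sts.get_session_token(SerialNumber=serial, TokenCode=token_code, DurationSeconds=duration)["Credentials"]
```

A full refresh is `write_mfa_profile(cfg, "default", serial, fetch_session_credentials("default", serial, code))` followed by `cfg.write(open(path, "w"))`, skipped when `session_still_valid` already returns True.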
The npm package aws-mfa-profile receives a total of 10 weekly downloads, so its popularity was classified as not popular.
We found that aws-mfa-profile shows an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.