aws-mfa-profile
Advanced tools
Helper class to make MFA authentication easier, when its required for local development.
Readme
Will setup an [mfa] profile with an STS token. Helpful in environments where MFA is required even for development access.
Setup AWS CLI with an access key and secret for the target MFA account.
> aws configure
Install this tool globaly.
> npm install aws-mfa-profile -g
To start the MFA process.
> aws-mfa-profile
Starting ...
What is your MFA device ID? It should be in the format arn:aws:iam::ACCOUNT_ID:mfa/USERNAME.
>
Respond to the prompt with the 'Assigned MFA device' value of your IAM profile page. Its within the 'Security Credentials' tab.
What is your current mfa token?
>
Next, supply a token from your MFA device.
To use your session, use the profile mfa via --profile default-mfa (serverles is --aws-profile default-mfa)
When its complete you will see a message indicating you should use --profile default-mfa. So for all of your AWS commands (or serverless.com commands) you will provide --profile default-mfa as an argument.
You can provide --profile as an argument to select a different profile to authenticate with. The MFA token will base its name off of this value, so if the profile you provide is 'foo' then the mfa credentials will be saved under 'foo-mfa'.
Nope, each time you run it, it will overwrite the current MFA configuration.
This file is used to create the token and is then udpated with an additional profile when a token is succesfully added.
[default]
aws_access_key_id = SOME_ACCESS_KEY_ID
aws_secret_access_key = SOME_SECRET_ACCESS_KEY
[default-mfa]
serial_number = arn:aws:iam::YOUR_ACCOUNT_ID:mfa/USERNAME
aws_access_key_id = SOME_ACCESS_KEY_ID
aws_secret_access_key = SOME_SECRET_ACCESS_KEY
aws_session_token = SOME_BIG_LONG_SESSION_ID
expiration = 2018-10-23T14:06:33.000Z
https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/
FAQs
Helper class to make MFA authentication easier, when its required for local development.
We found that aws-mfa-profile demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.
Security News
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.