stsmfa-cli

STS MFA CLI

Source Code: https://github.com/browniebroke/stsmfa-cli

Creating temporary profiles for multi-factor auth (MFA) protected accounts using AWS STS is too hard. This is a small CLI that helps with that.

Installation

Via Homebrew:

brew install browniebroke/tap/stsmfa-cli

Via uv, or your favourite Python package manager:

uv tool install stsmfa-cli

Usage

The CLI is a simple command stsmfa that creates a profile for a temporary session protected by MFA.

Assuming your ~/.aws/credentials file looks like this:

[my-profile-name]
aws_access_key_id = AKIAXXXXX
aws_secret_access_key = xxxx
mfa_serial = arn:aws:iam::123456789010:mfa/first.last

When running, for example:

awsmfa --profile my-profile-name 123456

This will create a session using the MFA serial defined under my-profile-name with the one-time password 123456, and save the required AWS key, secret and token under as a new profile my-profile-name-mfa in you ~/.aws/credentials file.

Now to use that session, you just need to set AWS_PROFILE=my-profile-name-mfa.

If your MFA serial is defined under the default profile, you don't need to specify the --profile option.

Contributors ✨

Thanks goes to these wonderful people (emoji key):

Bruno Alla 💻 🤔 📖

This project follows the all-contributors specification. Contributions of any kind welcome!

Credits

This package was created with Copier and the browniebroke/pypackage-template project template.