Skip to content

halprin/aws-mfa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
.github
.github
 
 
cmd
cmd
 
 
external
external
 
 
login
login
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

aws-mfa

AWS IAM User Credentials using MFA

Set-up

Modify your ~/.aws/credentials file.

First, there needs to be a profile section for the long-term credentials associated with the IAM user.

[default-long-term]
aws_access_key_id     = <Access Key ID>
aws_secret_access_key = <Secret Access Key>
mfa_serial            = <ARN to MFA device assigned to IAM user>

Then you add a profile section that you actively use for authenticating to AWS with.

[default]
aws_access_key_id     = a
aws_secret_access_key = a
aws_session_token     = a
source_profile        = <long-term profile section name, e.g. default-long-term>

The as will be replaced with real values after you run aws-mfa successfully.

Usage

aws-mfa login \
  [--mfa-code=<Current MFA code>] \
  [--profile=<Non-long-term profile name from the credentials file to login with>] \
  [--mfa-device-arn=<ARN of the MFA device used to login>] \
  [--duration=<Length of time, in seconds, to be logged in for>]
  • mfa-code - If unspecified on the command line, it will be queried for.
  • profile - If unspecified on the command line, it defaults to default.
  • mfa-device-arn - If unspecified on the command line, it is read from the long-term profile's mfa_serial value in ~/.aws/credentials.
  • duration - If unspecified on the command line, it defaults to 12 hours.

About

AWS IAM User Credentials using MFA

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Initial Release Latest
Jan 9, 2025

Packages

No packages published

Contributors 2

  •  
  •  

Languages