• I am using the latest release of AWS Vault
• I have provided my .aws/config (redacted if necessary)
• I have provided the debug output using aws-vault --debug (redacted if necessary)

Something simple using the latest binary, but all commands always request my passcode regardless of any duration I specify:

aws-vault-linux-amd64 exec me --duration=2h -- aws --region=us-west-2   lambda list-functions --debug

It doesn't ask me for MFA. I repeat it. Still doesn't ask me for MFA and again asks me for the passcode. Nothing seems to be cached. Occasionally it will ask for MFA but it always asks for the passcode, which is getting to be a lot of typing.

How can this work where no credentials are requested of me until after the duration specified?

aws config:

[profile localstack]
output=json
region=us-west-2

[profile me]
mfa_serial=arn:aws:iam::XXX
region=us-west-2

output of command with debug:
debug.txt

you've posted the aws debug logs, not the aws-vault debug logs