Document how to cache credentials with binary release
evbo opened this issue · comments
- I am using the latest release of AWS Vault
- I have provided my
.aws/config
(redacted if necessary) - I have provided the debug output using
aws-vault --debug
(redacted if necessary)
Something simple using the latest binary, but all commands always request my passcode regardless of any duration I specify:
aws-vault-linux-amd64 exec me --duration=2h -- aws --region=us-west-2 lambda list-functions --debug
It doesn't ask me for MFA. I repeat it. Still doesn't ask me for MFA and again asks me for the passcode. Nothing seems to be cached. Occasionally it will ask for MFA but it always asks for the passcode, which is getting to be a lot of typing.
How can this work where no credentials are requested of me until after the duration specified?
aws config:
[profile localstack]
output=json
region=us-west-2
[profile me]
mfa_serial=arn:aws:iam::XXX
region=us-west-2
output of command with debug:
debug.txt
you've posted the aws debug logs, not the aws-vault debug logs