This post is an introduction for the awesome tool, swrole.
The situation is below.
- you have an IAM user on account A
- you have an IAM role on account B
- Switching roles from account A requires MFA
brew tap tilfin/aws brew install swrole
Configure your profiles in your ~/.aws/credentials like followings.
[default] aws_access_key_id=XXXXXXXXXXXXXXX aws_secret_access_key=YYYYYYYYYYYYYYYYYYYYYYYYYYYY [accountB] source_profile = default role_arn = arn:aws:iam::xxxxxxxxxxxx:role/cm-takagi.kensuke mfa_serial = arn:aws:iam::yyyyyyyyyyyy:mfa/cm-takagi.kensuke
Then, type your temporary token generated by your (virtual)? device.
You are on a new bash process, if authentication is succeeded. Now, you can any commands requires auth with MFA.
yarn cdk diff yarn cdk deploy
Thank you to create the great tool, tilfin!!