この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので、ご注意ください。
This post is an introduction for the awesome tool, swrole.
The situation is below.
- you have an IAM user on account A
- you have an IAM role on account B
- Switching roles from account A requires MFA
Getting Started
Installing
brew tap tilfin/aws
brew install swrole
Configuring Profiles
Configure your profiles in your ~/.aws/credentials like followings.
[default] aws_access_key_id=XXXXXXXXXXXXXXX aws_secret_access_key=YYYYYYYYYYYYYYYYYYYYYYYYYYYY [accountB] source_profile = default role_arn = arn:aws:iam::xxxxxxxxxxxx:role/cm-takagi.kensuke mfa_serial = arn:aws:iam::yyyyyyyyyyyy:mfa/cm-takagi.kensuke
Usage
swrole accountB
Then, type your temporary token generated by your (virtual)? device.
You are on a new bash process, if authentication is succeeded. Now, you can any commands requires auth with MFA.
yarn cdk diff
yarn cdk deploy
Thank you to create the great tool, tilfin!!