#

AWS MFA to session token

aws
Posted on: May 12th 2020, 11:30:30 am

Add credentials to ~/.aws/credentials

vim ~/.aws/credentials


[org-dev]
aws_access_key_id=SAMPLEAWSACCESSKEYID
aws_secret_access_key=SAMPLEAWSSECRETACCESSKEY

[mfa]]
aws_access_key_id=
aws_secret_access_key=
aws_session_token=

Run the command

aws --profile org-dev sts get-session-token --serial-number arn:aws:iam::9310312321312321:mfa/User --token-code 372049

Response

{
    "Credentials": {
        "AccessKeyId": "AccessKeyId",
        "SecretAccessKey": "SecretAcccessKey",
        "SessionToken": "SESSTION-TOKEN-LONG_KEY",
        "Expiration": "2020-05-12T23:26:08Z"
    }
}

Copy response to ~/.aws/credentials in [mfa] section

Check if credentials works

aws --profile mfa s3 ls