This is followed by instructions for setting up AWS MFA, and then installing and configuring AWS CLI.
Unfortunately, this mandatory procedure took me half a working day. So that other insecure AWS users 😉, like myself, do not waste precious time on the banal, I decided to make an instruction.
Even for sandbox account setting MFA This is usually a mandatory requirement. We have it so.
Copy the key to the clipboard. You will need it in the next step.
$ aws configure --profile <your profile name>
AWS CLI via MFA
Copy the ARN of the virtual device
aws sts get-session-token --profile <имя профиля> --serial-number <ARN виртуального устройства> --token-code <одноразовый пароль>
The one-time password must be taken from the previously configured mobile application.
The command will output JSON, the individual fields of which must be substituted into the appropriate environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN
I decided to automate through ~/.bash_profile
To parse JSON, this script requires jq.