Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature - Specify the AWS_SESSION_DURATION for MFA session tokens #2748

Closed
ajohnstone opened this issue Aug 4, 2017 · 5 comments
Closed

Feature - Specify the AWS_SESSION_DURATION for MFA session tokens #2748

ajohnstone opened this issue Aug 4, 2017 · 5 comments
Assignees
@justnance
Labels
closing-soon This issue will automatically close in 4 days unless further comments are made. guidance Question that needs advice or information. service-api This issue is due to a problem in a service API, not the SDK implementation.

Comments

@ajohnstone
Copy link

Similar to #2177, however would like to specify the session duration to a configurable period, so can specify a longer period.

Expose environment variable of AWS_SESSION_DURATION and session-duration in the ~/.aws/config.

aws-cli/1.11.127 Python/2.7.12 Linux/4.4.0-81-generic botocore/1.5.90
@ajohnstone ajohnstone changed the title Specify the AWS_SESSION_DURATION for MFA session tokens Feature - Specify the AWS_SESSION_DURATION for MFA session tokens Aug 4, 2017
@jamesls
Copy link
Member

jamesls commented Aug 7, 2017

The session duration would be useful if we supported the sts get-session-token as a credential provider, but the assume-role provider we currently support only lets you shorten the duration. Did you want to use this for the assume role provider with MFA? If so, we'd have to get the service to support specifying longer durations first.

@ajohnstone
Copy link
Author

Hi,

Yes using with mfa e.g.

[profile photobox]
role_arn = arn:aws:iam::xxxx:role/<REPLACE-ME-ROLE>
source_profile = photobox-jump
mfa_serial = arn:aws:iam::xxx:mfa/<REPLACE-ME-EMAIL>

Thanks

Andy

@drAlberT
Copy link

drAlberT commented Sep 7, 2018

this is still so actual .. please consider :) tnx

@MarkRose MarkRose mentioned this issue Sep 19, 2018
Closed
@justnance
Copy link

@ajohnstone and @drAlberT - Thanks for your feedback. Currently the service does not use the assume role provider with MFA. This feature would be a request for the IAM Service team. It is recommended to reach out on the AWS IAM forums or contact AWS Support. If the service team approves and adds this feature it will be exposed from the API to the CLI.

@justnance justnance self-assigned this Feb 18, 2019
@justnance justnance added guidance Question that needs advice or information. service-api This issue is due to a problem in a service API, not the SDK implementation. closing-soon This issue will automatically close in 4 days unless further comments are made. and removed needs-response labels Feb 18, 2019
@no-response
Copy link

no-response bot commented Feb 25, 2019

This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further.

@no-response no-response bot closed this as completed Feb 25, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@justnance justnance

Labels
closing-soon This issue will automatically close in 4 days unless further comments are made. guidance Question that needs advice or information. service-api This issue is due to a problem in a service API, not the SDK implementation.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ajohnstone @jamesls @drAlberT @justnance @diehlaws