-
Notifications
You must be signed in to change notification settings - Fork 821
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws-vault login with existing STS temporary credentials #861
Comments
Yes I believe what you're asking is possible - what does your AWS config look like and what's the result of aws-vault --debug login when attempting this? |
With the following
I get:
Note that running
|
@christophetd aws-vault doesn't recognise credentials in the config file. Add them via |
aws-vault won't use existing STS credentials, it will use the credentials stored in the keychain by aws-vault. But aws-vault doesn't need to call sts::AssumeRole either - it will create a session via federation if a role isn't specified |
It might be possible to add an |
But this will only works for IAM users, because
Sounds good, in which case we can probably have a new |
This doesn't satisfy the use-case since |
proposal in #864 |
Hello!
I'd like to use aws-vault with existing STS temporary credentials. I don't want aws-vault to call
sts:AssumeRole
for me; I want to be able to pass it my access key ID, secret access key and session token and have it generating the AWS Console sign-in link.Is this currently supported? My understanding is that it's currently not supported
Thank you
The text was updated successfully, but these errors were encountered: