AWS CLI not honoring MultiFactorAuthAge

So, I discovered the reason for this behavior:

As described in this Github Issue, AWS CLI treats any session within 15min as expired, refreshing the creds automatically (or asking for a new one-time passcode, in case of MFA).

So, setting the session duration for 15min (900s) is basically the same as getting a one-time credential.

I just tested setting the session_duration to 930 (15min + 30s), and the session is indeed valid for 30 seconds.

Tags:

Aws Cli

Multi Factor Authentication

Related

How can I add a colored shadow at the right inside of my hexagon? Java counting in a period of a window size(e.g. size=3) Why does printf() in the parent almost always win the race condition after fork()? App Store Connect Operation Error: ITMS-90164 [] for key com.apple.developer.healthkit.access The entitlements in your app bundle signature do not match the ones that are contained in the provisioning profile Car lane assignment algorithm Why is the size of a tuple or struct not the sum of the members? Keep rows in data frame that, for all combinations of the values of certain columns, contain the same elements in another column Numerically stable way to compute sqrt((b²*c²) / (1-c²)) for c in [-1, 1] Why does GCC's ifstream >> double allocate so much memory? Latest omniauth-facebook gem breaks devise How do I avoid looping through multiple arrays

Recent Posts