shell-plugins icon indicating copy to clipboard operation
shell-plugins copied to clipboard

Published 20 hours ago verified publisher icon 1Password

set AWS_SESSION_TOKEN

Open cellulosa opened this issue 9 months ago • 1 comments

op CLI version

2.28.0

Goal or desired behavior

The plugin allows setting multi-factor authentication. I am using an enterprise account without the IAM privileges. I login via OKTA and am presented with the following access details after login:

AWS_ACCESS_KEY_ID=""
AWS_SECRET_ACCESS_KEY=""
AWS_SESSION_TOKEN=""

Current behavior

Currently I can update the access key id and secret access key fields on 1password:

Screenshot 2024-05-01 at 15 17 22

However, I am unable to provide the AWS_SESSION_TOKEN value. Therefore, to be able to login, I have to expose the password via variable definition in the terminal before calling any aws command:

export AWS_SESSION_TOKEN=""
aws s3 ls

Would it be possible to be able to set such variable in the relevant 1password item? Or how would do you recommend approaching this?

Relevant log output

If I don't provide the AWS_SESSION_TOKEN inline, I get the following error:


An error occurred (InvalidAccessKeyId) when calling the ListBuckets operation: The AWS Access Key Id you provided does not exist in our records.

cellulosa avatar May 01 '24 14:05 cellulosa