botocore icon indicating copy to clipboard operation
botocore copied to clipboard

Published 20 hours ago verified publisher icon boto

Support for mfa_serial in shared credentials

Open outcoldman opened this issue 6 years ago • 8 comments

Trying to address the issue I have created in aws-cli project https://github.com/aws/aws-cli/issues/3172

I would like to support MFA for standard access keys (which does not require assumerole).

Curious, any objections for implementing it this way? If not I will add tests to finish work on this PR.

After this PR I will also open similar to AssumeRole in aws-cli to support JSONFileCache.

outcoldman avatar Mar 01 '18 05:03 outcoldman

Codecov Report

Merging #1399 into develop will increase coverage by 0.01%. The diff coverage is 94%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    aws/aws-cli#1399      +/-   ##
===========================================
+ Coverage    80.52%   80.53%   +0.01%     
===========================================
  Files           87       87              
  Lines        12123    12145      +22     
===========================================
+ Hits          9762     9781      +19     
- Misses        2361     2364       +3
Impacted Files Coverage Δ
botocore/credentials.py 98.06% <94%> (-0.35%) :arrow_down:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update e6791f2...9fb891f. Read the comment docs.

codecov-io avatar Mar 02 '18 05:03 codecov-io

cc @JordonPhillips related change in aws-cli https://github.com/aws/aws-cli/pull/3174

outcoldman avatar Mar 02 '18 06:03 outcoldman

Can this get another review? It would be really great to support this by now.

cornfeedhobo avatar Dec 26 '18 17:12 cornfeedhobo

Hi... any news on this? I also am in need of this feature..

Thanks,

nunofernandes avatar Feb 26 '19 19:02 nunofernandes

Considering how long this has been dead, has the usability issue been addressed by something else somewhere else?

hovissimo avatar Jul 30 '19 22:07 hovissimo

@hovissimo the easies way to solve this issue - switch to assumerole option.

outcoldman avatar Jul 31 '19 01:07 outcoldman

@nateprewitt @atomicfruitcake @wimglenn @zdutta

Can this please get assigned to someone?

cornfeedhobo avatar Nov 28 '20 16:11 cornfeedhobo

How can we (cloud users) be expected to improve our security stance when the cloud provider doesn't provide us with the tools. Please review and commit this.

whereismypen avatar Mar 31 '22 09:03 whereismypen

Nothing to comment other then, this is more than 5 years old and there is support for this feature.

When will this be implemented?

whereismypen avatar Jan 18 '23 14:01 whereismypen

For everyone watching this issue, please send a link of this thread to your assigned solutions architect. AWS won't care about this unless they hear about it A TON through their internal support channels.

If you are commenting here anymore, it's a waste of time. Open a support ticket. Spam them.

cornfeedhobo avatar Feb 01 '23 13:02 cornfeedhobo

Hi all, thanks for your patience here and apologies that it has taken so long to get a response. I have transferred the related issue (https://github.com/aws/aws-sdk/issues/529) to our cross-SDK repository for further tracking. As mentioned in that issue, a design proposal is required in order to consider how the implementation would work across SDKs. Changes involving shared credentials generally need to be considered at a cross-SDK level in order to maintain consistency. Please 👍 the issue if interested in this feature and comment if you have any additional information to share.

tim-finnigan avatar May 01 '23 22:05 tim-finnigan