зеркало из
https://github.com/iharh/notes.git
synced 2025-11-01 22:26:09 +02:00
26 строки
1.3 KiB
Plaintext
26 строки
1.3 KiB
Plaintext
https://github.com/broamski/aws-mfa
|
|
The concept behind aws-mfa is that there are 2 types of credentials:
|
|
long-term - Your typcial AWS access keys, consisting of an
|
|
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
|
|
short-term - A temporary set of credentials that are generated by AWS STS using your long-term credentials
|
|
in combination with your MFA device serial number
|
|
(either a hardware device serial number or virtual device ARN) and one time token code.
|
|
Your short term credentials are the credentials that are actively utilized by the AWS SDK in use.
|
|
|
|
need to read
|
|
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_configure-api-require.html
|
|
|
|
ERROR - An error occured while calling assume role: An error occurred (InvalidClientTokenId) when calling the AssumeRole operation:
|
|
The security token included in the request is invalid.
|
|
|
|
2021
|
|
https://bobbyhadz.com/blog/aws-cli-security-token-included-request-invalid
|
|
1. Check the security credentials validity in IAM console (https://us-east-1.console.aws.amazon.com)
|
|
https://us-east-1.console.aws.amazon.com/iam/home#/security_credentials
|
|
|
|
???
|
|
~/.aws/credentials
|
|
check [default-development] profile
|
|
https://aws.amazon.com/premiumsupport/knowledge-center/sts-iam-token-expired/
|
|
!!! need to read
|