From 4102c2fb485767b91ec69f38122b6112f187308e Mon Sep 17 00:00:00 2001
From: Mohsen Sadeghzade <hi@techiefor.fun>
Date: Tue, 3 May 2022 06:31:01 +0000
Subject: [PATCH] doc(mfa): add another workaround using aws-vault

---
 docs/mfa.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/docs/mfa.md b/docs/mfa.md
index f94279bcda..99af0361f4 100644
--- a/docs/mfa.md
+++ b/docs/mfa.md
@@ -66,3 +66,13 @@ Use [awsudo](https://github.com/makethunder/awsudo) to generate temp credentials
 pip install awsudo
 env $(awsudo ${AWS_PROFILE} | grep AWS | xargs) kops ...
 ```
+
+## The Workaround #3
+
+Use [aws-vault](https://github.com/99designs/aws-vault) to generate temp session credentials. After setting up `aws-vault`, use alias for `kops` command. This way terminal will ask for MFA each time the credential session is expired. Commands would be:
+
+```bash
+AWS_PROFILE=sandbox
+aws-vault add $AWS_PROFILE
+alias kops="aws-vault exec ${AWS_PROFILE} -- kops"
+```