kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13591 from techieforfun/patch-1 

doc(mfa): add another workaround using aws-vault
This commit is contained in:
Kubernetes Prow Robot 2022-05-03 00:33:57 -07:00 committed by GitHub
parent 51646984a1 4102c2fb48
commit 8e7724df6f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/mfa.md
View File

@ -66,3 +66,13 @@ Use [awsudo](https://github.com/makethunder/awsudo) to generate temp credentials
pip install awsudo
env $(awsudo ${AWS_PROFILE} | grep AWS | xargs) kops ...
```
## The Workaround #3
Use [aws-vault](https://github.com/99designs/aws-vault) to generate temp session credentials. After setting up `aws-vault`, use alias for `kops` command. This way terminal will ask for MFA each time the credential session is expired. Commands would be:
```bash
AWS_PROFILE=sandbox
aws-vault add $AWS_PROFILE
alias kops="aws-vault exec ${AWS_PROFILE} -- kops"
```