Skip to content
This repository has been archived by the owner on Mar 27, 2021. It is now read-only.

Commit

Permalink
Fixed assume role without MFA
Browse files Browse the repository at this point in the history
  • Loading branch information
@ivanfoo
ivanfoo committed Oct 9, 2018
1 parent add93f3 commit 2bb254e
Showing 1 changed file with 19 additions and 7 deletions.
26 changes: 19 additions & 7 deletions commands/assume.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,13 +107,25 @@ func (c *AssumeCommand) askForTokenCode() string {

func (c *AssumeCommand) getCredentials(serialNumber string, tokenCode string, roleArn string) (*awsCredentials, error) {
service := sts.New(c.session)
role, err := service.AssumeRole(&sts.AssumeRoleInput{
RoleSessionName: aws.String(c.Alias),
DurationSeconds: aws.Int64(c.Duration),
RoleArn: aws.String(roleArn),
SerialNumber: aws.String(serialNumber),
TokenCode: aws.String(tokenCode),
})

var stsRequest *sts.AssumeRoleInput
if c.MFA {
stsRequest = &sts.AssumeRoleInput{
RoleSessionName: aws.String(c.Alias),
DurationSeconds: aws.Int64(c.Duration),
RoleArn: aws.String(roleArn),
SerialNumber: aws.String(serialNumber),
TokenCode: aws.String(tokenCode),
}
} else {
stsRequest = &sts.AssumeRoleInput{
RoleSessionName: aws.String(c.Alias),
DurationSeconds: aws.Int64(c.Duration),
RoleArn: aws.String(roleArn),
}
}

role, err := service.AssumeRole(stsRequest)

if err != nil {
return nil, err
Expand Down

0 comments on commit 2bb254e

Please sign in to comment.