MFA 환경에서 AWS CLI 사용 하기
2024. 2. 19. 18:22ㆍAWS/Security
728x90
SMALL
- 개요
MFA 환경에서 AWS CLI 사용 하려면, session token과 임시 AWS Access key와 Secret key가 필요하다.
- 방법
# aws sts get-session-token --duration-seconds 10000 --serial-number "arn:aws:iam::111111111:mfa/mfa_user" --token-code 123456
{
"Credentials": {
"AccessKeyId": "ABCDQWEQWEQWEQWE",
"SecretAccessKey": "YWEesaldkjsadlkgjasgsdgsadgsadgsadgsadg",
"SessionToken": "sadfsdfsdfsadf/asdfsadfsdfsadfsadf/v//////////sdfgdsfgdfg+dsfgdsfgsdfg/dsfgsdfgsdfg/FG3TNqkzC2gQm6OPMN28y64GOpcBH20CXZNG4+dsfgdsfgsdfgsdfg/sdfgdsfgdsfgdsfg+sdfgsdfgdsfg+sdfgsdfgsdfgdsfg==",
"Expiration": "2024-02-19T12:12:12+00:00"
}
}
# export AWS_ACCESS_KEY_ID=ABCDQWEQWEQWEQWE
# export AWS_SECRET_ACCESS_KEY=YWEesaldkjsadlkgjasgsdgsadgsadgsadgsadg
# export AWS_SESSION_TOKEN=sadfsdfsdfsadf/asdfsadfsdfsadfsadf/v//////////sdfgdsfgdfg+dsfgdsfgsdfg/dsfgsdfgsdfg/FG3TNqkzC2gQm6OPMN28y64GOpcBH20CXZNG4+dsfgdsfgsdfgsdfg/sdfgdsfgdsfgdsfg+sdfgsdfgdsfg+sdfgsdfgsdfgdsfg==
- 참고
https://repost.aws/knowledge-center/authenticate-mfa-cli
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-session-token.html
https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_access-denied.html
728x90
LIST
'AWS > Security' 카테고리의 다른 글
| VPC endpoint for dynamodb 사용 하기 (0) | 2024.02.19 |
|---|---|
| EBS Snapshots BPA(Block Public Access) (0) | 2023.12.29 |
| AMI BPA(Block Public Access) 설정 (1) | 2023.09.22 |
| Security Policy (ELB, Cloudfront) (0) | 2023.05.15 |
| AWSCompromisedKeyQuarantineV2 (0) | 2023.02.14 |