Open shwethaumashanker opened 1 year ago
I think you have your config reversed. It works for me wtih
[profile lxk-iam]
region = us-east-1
credential_process = granted credential-process --profile=lxk-iam
[profile lxk-sandbox]
role_arn = arn:aws:iam::000000000000:role/@Global_Administrator
source_profile = lxk-iam
region = us-east-1
mfa_serial = arn:aws:iam::111111111111:mfa/mfa-cli
❯ assume lxk-sandbox
? MFA Token
MFA with chained roles with IAM credentials does not work as expected. Set up to reproduce the error:
❯ assume testing [✘] operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: ec58cdde-7f57-4dcf-b466-b6990cec9c9d, api error InvalidClientTokenId: The security token included in the request is invalid.
It does not correctly recognize that it has to prompt for MFA