Description
MFA is configured on my root account IAM user. I use the role_arn option in ~/.aws/config to assume a role in a subaccount which has a trust relationship with the root account. After signing in to AWS for CLI use,
Steps to reproduce the issue:
Sign in to AWS for CLIv2
docker context use myecs
Describe the results you received:
All subsequent docker commands fail with AssumeRoleTokenProviderNotSetError: assume role with MFA enabled, but AssumeRoleTokenProvider session option not set
Describe the results you expected:
Expected to use the docker compose CLI as advertised.
Additional information you deem important (e.g. issue happens only occasionally):
The problem can be worked around by,
unset AWS_PROFILE
export AWS_REGION=<region>
Output of docker-compose --version:
Docker version 20.10.23, build 7155243
Output of docker version:
Client: Docker Engine - Community
Cloud integration: v1.0.30
Version: 20.10.23
API version: 1.41
Go version: go1.18.10
Git commit: 7155243
Built: Thu Jan 19 17:45:08 2023
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.23
API version: 1.41 (minimum version 1.12)
Go version: go1.18.10
Git commit: 6051f14
Built: Thu Jan 19 17:42:57 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.15
GitCommit: 5b842e528e99d4d4c1686467debf2bd4b88ecd86
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Description MFA is configured on my root account IAM user. I use the
role_arn
option in~/.aws/config
to assume a role in a subaccount which has a trust relationship with the root account. After signing in to AWS for CLI use,Steps to reproduce the issue:
docker context use myecs
Describe the results you received: All subsequent docker commands fail with
AssumeRoleTokenProviderNotSetError: assume role with MFA enabled, but AssumeRoleTokenProvider session option not set
Describe the results you expected: Expected to use the docker compose CLI as advertised.
Additional information you deem important (e.g. issue happens only occasionally): The problem can be worked around by,
Output of
docker-compose --version
:Output of
docker version
:Output of
docker context inspect
:Output of
docker info
:Additional environment details (AWS ECS, Azure ACI, local, etc.): AWS ECS.