CredentialsProviderError: Profile production requires multi-factor authentication, but no MFA code callback was provided.

[billmetangmo]

Hello,

Thanks for haring this wonderful tool with the community. I am currently not able to use it because of error:

CredentialsProviderError: Profile production requires multi-factor authentication, but no MFA code callback was provided.
    at resolveAssumeRoleCredentials (/Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/resolveAssumeRoleCredentials.js:44:19)
    at resolveProfileData (/Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/resolveProfileData.js:16:80)
    at /Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@aws-sdk/credential-provider-ini/dist-cjs/fromIni.js:8:56
    at async /Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@smithy/property-provider/dist-cjs/chain.js:12:33
    at async coalesceProvider (/Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@smithy/property-provider/dist-cjs/memoize.js:14:24)
    at async SignatureV4.credentialProvider (/Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@smithy/property-provider/dist-cjs/memoize.js:33:24)
    at async SignatureV4.signRequest (/Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@smithy/signature-v4/dist-cjs/SignatureV4.js:106:29)
    at async /Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@aws-sdk/middleware-signing/dist-cjs/awsAuthMiddleware.js:16:18
    at async /Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@smithy/middleware-retry/dist-cjs/retryMiddleware.js:27:46
    at async /Users/billmetangmo/.nvm/versions/node/v18.17.1/lib/node_modules/tail-stack-events/node_modules/@aws-sdk/middleware-logger/dist-cjs/loggerMiddleware.js:7:26 {
  tryNextLink: false,
  '$metadata': { attempts: 1, totalRetryDelay: 0 }

}

[tmont]

Hi.

Thanks for the report. I've added support for MFA serials which will prompt you to enter your TOTP for the specified device. e.g.

AWS_PROFILE=tmont-with-mfa ./tail-stack-events.js --stack-name tail-stack-events-test --outputs --follow
Enter MFA code for 1234567890:mfa/tmont-dev-test:

I'm not abundantly familiar with the different ways this works, I only tested with a virtual MFA device using an Authenticator app. There are also other ways to trigger the MFA requirement, I used source_profile and role_arn in my ~/.aws/config profile to assume a certain role. It's unclear to me if that covers all cases for the MFA error to be eradicated. I'm guessing "probably not".

Let me know if you still have issues.

---

I published v2.3.0 to NPM which fixes this issue.

[billmetangmo]

Thanks very much. It's working for me right now @