Comments (8)
I proposed a solution in #83. If anybody wants to try it out before it's merged, then I've released a macOS binary that supports app-level MFA if you follow these instructions.
from aws-okta.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
from aws-okta.
We are just starting to trial Okta with AWS and hit this issue today too. We use Okta for a bunch of apps and don't want to enable MFA globally, rather on a per-app basis.
I have tested that aws-okta works if we enforce MFA globally for all apps and it works nicely with Google Authenticator, Okta Verify etc.
However, if we enforce MFA only on the AWS Application itself, aws-okta fails with the same error as @ostankin describes.
from aws-okta.
Sad to see this one die on the vine. We were going to switch all our AWS access from local IAM access and assuming roles with MFA to this. The lack of support for application MFA has blocked us.
from aws-okta.
Sad to see this one die on the vine. We were going to switch all our AWS access from local IAM access and assuming roles with MFA to this. The lack of support for application MFA has blocked us.
#83 was pretty close to being accepted and merged. If you wanna take some time to spruce it up, we can get it in. Also, I'd love to have a non-Segment volunteer to maintain it, since we wouldn't be using it ourselves, and it's a substantial chunk of code.
from aws-okta.
Fair enough. The python solution from https://github.com/Nike-Inc/gimme-aws-creds works with app-level MFA and SAML, so it'd be worth seeing if there could a solution there. Switching away from SAML isn't something we can take on right now.
from aws-okta.
Any chance for supporting app level MFA. This feature will certainly be very useful.
from aws-okta.
from aws-okta.
Related Issues (20)
- `go test` flaps a change in `go.mod` HOT 1
- Cut v2.0.0 HOT 1
- TouchID instead of password when prompted for keychain access HOT 2
- Support for ADFS? HOT 1
- Add release for debian/buster HOT 1
- How can I prompt for password without a tty? HOT 1
- ATTENTION: aws-okta is on indefinite hiatus HOT 36
- aws-okta 1.0.0 breaks with multiple profiles HOT 17
- DUO requires enabling "OtherOS" when using aws-okta HOT 1
- can i make this work with mulesoft fabric HOT 2
- docs: Generate docs and publish to GitHub Pages HOT 1
- panic: runtime error: slice bounds out of range [308:282] HOT 2
- aws-okta for windows not updating ~/.aws/credentials file HOT 2
- aws-okta failed duo challenge HOT 6
- Getting "Enter passphrase to unlock /home/XXX/.aws-okta/" message when using aws-okta exec HOT 1
- aws-okta add giving: "Failed to validate credentials" with Correct credentials HOT 1
- Intermittent SAML and 2FA Push Notification Timeouts from Okta HOT 14
- The latest release does not have built binaries for any platform HOT 5
- Passphrase Request should be suppressed when not entered during profile setup HOT 2
- 1.0.8 mfa push fails HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-okta.