Skip to content

0.0.131

Latest
Compare
Choose a tag to compare
@rehanvdm rehanvdm released this 07 Apr 19:19

💫 Enhancements

  • Assume Role improvements, close #31
    • You can now specify duration_seconds up to 43200 seconds (12 hours)
      image

    • When doing MFA, you have the option to either:

      1. Role chain by first using GetSessionToken (attached MFA here) then AssumeRole. This was the default up until now to ensure the aws:MultiFactorAuthPresent IAM flag is set. It limited the role duration to 1 hour.
      2. AssumeRole without first doing GetSessionToken. This does not limit the session duration but it also does not add the aws:MultiFactorAuthPresent IAM flag.

      The info text next to the new MFA Option describes it as:

      This option will attach the MFA details to GetSessionToken before calling AssumeRole so that IAM policies that checks the aws:MultiFactorAuthPresent condition passes. This is called role chaining and limits the session to a maximum of 1 hour.

      image