@@ -27,8 +27,6 @@ - **[Chocolatey](https://chocolatey.org/packages/mfaws):** `choco install mfaws` - **[AUR](https://aur.archlinux.org/packages/mfaws-bin):** `yay -S mfaws-bin` - - ## Usage `mfaws` works by looking for AWS credentials and an MFA device ARN in profiles suffixed with `-long-term`. It uses those credentials as well as a TOTP code supplied by the user to make an `AssumeRole` call. The outcome of this is another set of short-lived credentials scoped to the role session. These short lived credentials are stored in a separate profile in the credentials file without the `-long-term` suffix. @@ -92,7 +90,7 @@ You can use `oathtool` to get TOTP codes directly in the CLI without having to c oathtool --totp --base32 $YOUR_AWS_TOTP_KEY | mfaws ``` -### Combine with [1Password CLI](https://developer.1password.com/docs/cli/) (`op`) +### Combine with [1Password CLI](https://developer.1password.com/docs/cli/) You can get TOTP codes from MFA keys that you've saved in your 1Password account. This has the advantage of not leaking the secret to disk. In this example, we're requesting a TOTP code from an item called "AWS" in our 1Password account and piping it into `mfaws`: diff --git a/build/package/Dockerfile b/build/package/Dockerfile deleted file mode 100644 index bb6d97e..0000000 --- a/build/package/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM gcr.io/distroless/static:latest -COPY mfaws / -ENTRYPOINT [ "/mfaws" ]