



Why Your YubiKey Won’t Work With AWS CLI (and the fix)

Did you know you can use a YubiKey for 2FA when authenticating in AWS CLI or AWS Console? That sounds fairly obvious and expected. Join me in my surprise then: By default, it won’t do both.

What does that mean exactly? If you use a YubiKey for Universal 2nd Factor authentication (U2F) on your AWS Console, you cannot:

- Use AWS API Commands from your terminal.
- Use AWS CLI Commands via Python libraries.
- Build Infrastructure as code with Terraform from your machine.

When I first encountered this problem, I asked myself two questions: “Can I set my key to OTP instead?” and “Can I configure one 2FA for the Console and another for CLI?”.

The answer: Only one two-factor authentication is allowed at a time, and the YubiKey Manager program seems to only offer OATH-HOTP, a flavor which AWS will not accept.

You can have any OATH you like, so long as it’s HOTP

The solution: We need a way to do OATH-TOTP, which is time based.
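
To make the OATH-HOTP versus OATH-TOTP distinction concrete, here is an added example (not code from the original post) that implements both per RFC 4226 and RFC 6238 and shows a counter-based code failing a time-based check. The secret and timestamp are the published RFC test values; `verify_totp` is a hypothetical stand-in for a time-based verifier, not AWS's implementation.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over an 8-byte big-endian counter, then truncate."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30) -> str:
    """RFC 6238: HOTP whose counter is the number of 30 s steps since epoch."""
    return hotp(secret, unix_time // step)


def verify_totp(secret: bytes, code: str, unix_time: int,
                step: int = 30, window: int = 0) -> bool:
    """Hypothetical time-based verifier: accepts the current step +/- window."""
    now = unix_time // step
    return any(hmac.compare_digest(hotp(secret, c), code)
               for c in range(now - window, now + window + 1))


# Constructed sample input: the published RFC 4226 / RFC 6238 test secret and time.
SECRET = b"12345678901234567890"
NOW = 1111111109


def demo() -> dict:
    event_code = hotp(SECRET, 3)   # event-based token after its 4th button press
    time_code = totp(SECRET, NOW)  # time-based token at NOW
    return {
        "hotp_code": event_code,
        "totp_code": time_code,
        "totp_accepted": verify_totp(SECRET, time_code, NOW),
        "hotp_accepted": verify_totp(SECRET, event_code, NOW),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both tokens share the same secret and the same HMAC truncation; only the counter source differs, which is why a valid HOTP code is still rejected by a verifier that derives its counter from the clock.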
