one time pass as argument?

[tamis-laan]

I would like to do:

aws-mfa --one-time-pass 123456

Is this possible?

[hoto]

That would be super useful for scripting login to AWS with passwords managers.
Using an environment variable would be ok as well.

For now you could always grab the TOTP to clipboard and paste it when aws-mfa ask:
e.g. with 1password cli:

awsmfa='op item get q4myjst4inexxxx6dmyr2ey --field type=otp --format json | jq -r .totp | pbcopy && aws-mfa --profile prod --force'

[osiegmar]

I just noticed that this functionality was actually implemented by 5334deb four years ago (2018-05-15) but never released.

This makes it very simple to use aws-mfa together with 1Password-CLI:

aws-mfa --force --token $(op item get <item id> --otp)

@broamski Could you release a 0.0.13 please?

Maybe AgileBits wants to update https://blog.1password.com/1password-cli-2_0/ then in order to enhance security by using aws-mfa! ;-)

[ksylvan]

It's been a couple of years since the last comment. I pushed a fork of this to PyPi here:

https://pypi.org/project/aws-mfa-ks/

It includes only one functional change, which was to incorporate this #43