Deploying with MFA
Important: These docs are for the outdated Jets 5 versions and below. For the latest Jets docs: docs.rubyonjets.com
Jets supports the use of Multi Factor Authentication, MFA. Jets leverages the tongueroo/aws-mfa-secure gem to achieve this.
Example
Set up mfa_serial
for the aws profile section that requires it. Example:
~/.aws/credentials:
[mfa]
aws_access_key_id = BKCAXZ6ODJLQ1EXAMPLE
aws_secret_access_key = ABCDl4hXikfOHTvNqFAnb2Ea62bUuu/eUEXAMPLE
mfa_serial = arn:aws:iam::112233445566:mfa/MFAUser
Now you’ll be able to deploy like usual. Example:
$ AWS_PROFILE=mfa jets deploy
Please provide your MFA code: 004578
Deploying to Lambda demo-dev environment...
...
08:41:16AM UPDATE_COMPLETE AWS::CloudFormation::Stack demo-dev
Stack success status: UPDATE_COMPLETE
Time took for stack deployment: 1m 16s.
Prewarming application.
API Gateway Endpoint: https://4dwsk84n5h.execute-api.us-west-2.amazonaws.com/dev/
$
Another Example
$ AWS_PROFILE=mfa jets url
Please provide your MFA code: 364471
API Gateway Endpoint: https://4dwsk84n5h.execute-api.us-west-2.amazonaws.com/dev
$ AWS_PROFILE=mfa jets url
API Gateway Endpoint: https://4dwsk84n5h.execute-api.us-west-2.amazonaws.com/dev
$
The MFA prompt will only appear once. The session credentials are reused until the session expires per the tongueroo/aws-mfa-secure docs.