-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.toml
54 lines (40 loc) · 1.76 KB
/
config.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# This is a configuration sample.
# You should add your role ARNs and desired profiles.
# ===================================================
# This profile name must match the profile in ~/.aws/credentials file
# You should have something like this
#
# [main]
# aws_access_key_id = blabla
# aws_secret_access_key = blabla
main_profile = "main"
# MFA profile name. Default is '<main_profile>-mfa'.
# mfa_profile = "mfa"
# MFA serial number can be found in AWS web console -> IAM
mfa_serial_number = "arn:aws:iam::MAIN_ACCOUNT_ID:mfa/USERNAME"
# Uncomment and adjust the shell command if your MFA token can be provided by a script.
# Here is an example for yubikey.
# mfa_command = "ykman oath accounts code | awk '/SOME_PATTERN/ {print $2}'"
# How often to check for new version.
# Comment out to disable.
check_new_version_interval_days = 30
# This will prepend the assumed profile and the expiration time to your shell prompt.
# You can disable this feature and directly use environment variable `AWS_PROFILE` with
# an explicit call `awscredx print-expiration` or `awscredx print-prompt`.
modify_shell_prompt = true
# The AWS region.
region = "eu-central-1"
# Session name used for role assumption.
session_name = "awscredx"
# Uncomment the following line to enable automatic credentials rotation of the main profile every N days.
# rotate_credentials_days = 7
[profiles]
# You can specify profiles by either providing the role ARNs
dev = "arn:aws:iam::123456589012:role/Admin"
prod = "arn:aws:iam::123456589013:role/TestRole"
# ... or by providing an object that can contain additional fields
[profiles.dev-read-only]
# This field is required
role_arn = "arn:aws:iam::123456589014:role/ReadOnly"
# (optional) Profile name that must be used to assume this role
# parent_profile = "dev"