我的aws配置文件看起来像这个
[profile foo]
mfa_serial = arn:aws:iam::111111111111:mfa/foo
region = eu-west-2
sts_regional_endpoints = regional
[profile foo-1]
source_profile = foo
mfa_serial = arn:aws:iam::111111111111:mfa/foo
role_arn = arn:aws:iam::22222222222:role/ReadOnly
region = eu-west-2
include_profile = default
[profile foo-admin]
source_profile = foo
mfa_serial = arn:aws:iam::111111111111:mfa/foo
role_arn = arn:aws:iam::22222222222:role/admin
region = eu-west-2
include_profile = default
[profile bar-role]
source_profile = fooadmin
role_arn = arn:aws:iam::333333333333:role/Role1
mfa_serial = arn:aws:iam::111111111111:mfa/foo
region = eu-west-2
当我运行aws-vault exec foo-1 -- ANY AWS COMMAND或aws-vault exec foo-admin -- ANY AWS COMMAND时,它工作得很好。
但当我运行aws-vault exec bar-role -- ANY AWS COMMAND时,它失败了,并出现错误aws-vault: error: No credentials found for profile bar-role
如果我尝试aws-vault add bar-role,它会提示输入没有的cred,因为我正在扮演一个角色。
有没有一种方法可以将嵌套的配置文件添加到aws vault中?
我使用"unset AWS_VAULT"为自己修复了这个问题。