Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
AWS cli plugin is not supporting external otp anymore
Hello!
before the last release of the 1password cli using an external OTP device (a yubikey) was possible for aws accounts with a mfa serial
it's not the case anymore since this commit https://gi...
I'll need to try reproduce it again it but it seemed like I was getting an error about a missing ARN or there wasn't a mechanism for registering the physical security key I'm using in AWS within the 1password entry. For now, I've enabled two different types of MFA—one physical security key and the other 1Password OTP.
UPDATE: Here's the error I receive when using the ARN of my physical security key in 1P
[ERROR] 2023/05/26 17:15:26 could not run plugin AWS CLI: failed to provision credentials, encountered error(s):
operation error STS: GetSessionToken, https response error StatusCode: 403, RequestID: <REQUEST_ID>, api error AccessDenied: MultiFactorAuthentication failed, unable to validate MFA code. Please verify your MFA serial number is valid and associated with this user
