lib/aws_mfa_secure/exports.rb in aws-mfa-secure-0.4.0 vs lib/aws_mfa_secure/exports.rb in aws-mfa-secure-0.4.1

@@ -4,27 +4,36 @@
       @options = options
       @aws_profile = aws_profile
     end
 
     def run
+      # Allow use `aws-mfa-secure exports --no-mfa`
+      # This bypasses the check for mfa_serial being configured in the ~/.aws/credentials profile
+      # Useful if we want to grab temporary AWS_xxx credentials for testing.
+      if @options[:mfa] == false
+        resp = sts.get_session_token
+        puts script(resp.credentials)
+        return
+      end
+
       unless iam_mfa?
         $stderr.puts "WARN: mfa_serial is not configured for this AWS_PROFILE=#{@aws_profile}"
         return
       end
 
       if fetch_creds?
         resp = get_session_token
         save_creds(resp.credentials.to_h)
       end
 
-      puts script
+      puts script(credentials)
     end
 
-    def script
+    def script(creds)
       <<~EOL
-        export AWS_ACCESS_KEY_ID=#{credentials["access_key_id"]}
-        export AWS_SECRET_ACCESS_KEY=#{credentials["secret_access_key"]}
-        export AWS_SESSION_TOKEN=#{credentials["session_token"]}
+        export AWS_ACCESS_KEY_ID=#{creds["access_key_id"]}
+        export AWS_SECRET_ACCESS_KEY=#{creds["secret_access_key"]}
+        export AWS_SESSION_TOKEN=#{creds["session_token"]}
       EOL
     end
   end
 end