aws-vault
aws-vault
authenticates with AWS and stores the obtained credentials in a secure credential store (a "vaulting backend").
With AWS Organisations and SSO
Insert stanzas like the following into ~/.aws/config
for each role and account combination:
[profile $name]
sso_start_url = https://$org.awsapps.com/start
sso_region = $portalRegion
sso_account_id = $portalAccount
sso_role_name = $role
region = $region
macOS Keychain timeout
The Keychain timeout determines the amount of time that must pass between Keychain accesses before you need to re-enter your password. It's specified in seconds:
security set-keychain-settings -t 1800 ~/Library/Keychains/aws-vault.keychain-db