This question has been asked and answer here but the solution seem incomplete.
The use case for this is to allow superuser access via SSO from a HPC environment, where browsers are not commonly accessible. (I suspect a large use case considering docker, etc).
I used the solution of using 'verificationUriComplete' instead of 'verificationUri' via a bash script, and it works.
$> bash sso.sh
{
"deviceCode": "*******",
"userCode": "ZGVL-****",
"verificationUri": "https://device.sso.us-west-2.amazonaws.com/",
"verificationUriComplete": "https://device.sso.us-west-2.amazonaws.com/?user_code=ZGVL-*****",
"expiresIn": 600,
"interval": 1
}
If I manually launch the 'verificationUriComplete' it authorized correctly, but when I return to the command line simple commands still return as expired.
aws lambda list-functions --profile me
The SSO session associated with this profile has expired or is otherwise invalid. To refresh this SSO session run aws sso login with the corresponding profile.
So my question is: What addtional steps are needed? Is something from the response JSON need to be added in someway? Additional steps?
I have verified that the cli and sso directories and file under .aws have not been updated.
AWS OFFICIALUpdated 5 months ago
