I'm working on a CLI tool that will open AWS console URLs without needing authentication. User credentials are already available via ~/.aws/credentials.
I've mainly been following the steps in this article:
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html
The guide works for generating URLs that contain credentials that automatically log you in (either as a role or as a federate identity). Unfortunately, subsequent invocations of the tool log you out of earlier sessions. All existing tabs in browser popup a message asking user to refresh page.
Is there a way to prevent the "/federaton?Action=login" endpoint from invalidating earlier sessions to AWS console? Or a way to instruct this endpoint to re-use an existing session, rather than create a new one?
AWS 官方已更新 1 年前