Skip to main content

2.4.6 Configuring Vegeta Access

Youtube ๐Ÿ“บ

In this section we'll configure Vegetas's Console as well as CLI access by changing the password and configuring MFA, on similar lines as done for Goku

๐Ÿ”“ Identity Account Accessโ€‹

  • Open the identity account URL from the terraform output that was saved in notes.md file as shown below.
  • Login using the temporary credential for Vegeta.

๐Ÿ”‘ Change Passwordโ€‹

  • Once you access the console using the temporary password you'll be forced to change the password. Ensure you note it down or save it in a secure manner.

๐Ÿ“ฑ Configure MFAโ€‹

โš™๏ธ Configuring Console Access using MFAโ€‹

  • After configuring MFA, logout from the console and login using the identity url as performed earlier.
  • This time when you sign-in, AWS will ask for the MFA OTP. Please provide the same using the authenticator application.
  • Next, click on the right-corner showing vegeta-account-number and click Switch Role
  • Next in the switch role screen add the account ID and the IAM Role that Vegeta has access to. This information has been saved in notes.md file.
  • Ex: Accessing Prod account with ReadOnly Privileges

๐Ÿ–ฅ๏ธ Configuring CLI Access using MFAโ€‹

  • Let's access the same Prod AWS Account from CLI using MFA
awsmfa -i vegeta arn:aws:iam::<prod-account-id>:role/AssumeReadOnlyrWithMFAprod
prompt> Enter MFA Code
export AWS_PROFILE=default
aws sts get-caller-identity