I am trying to create a session token by using getCredentials() for accessing s3 objects.
The profile I am trying to switch to requires MFA authentication, I am getting the Error - InvalidClientTokenId: The security token included in the request is invalid. after entering the mfa token
here is the code snippet... any idea what am I doing wrong
import { S3Client, ListBucketsCommand, ListObjectsV2Command } from '@aws-sdk/client-s3';
import { fromIni } from "@aws-sdk/credential-providers";
import * as readline from 'readline';
const bucketName = 'my-bucket-name';
const fq3Profile = 'my-profile-name'; // this profile is setup correctly in .aws/config..verified by console access
const awsRegion = 'my-region';
function prompt(query) {
const rl = readline.createInterface({input: process.stdin, output: process.stdout});
return new Promise((resolve) =>
rl.question(query, (ans) => {
rl.close();
// console.log(`++++mfa token - ${ans}`)
resolve(ans);
})
);
}
const getCredentials = async () => {
return fromIni({
profile: fq3Profile,
mfaCodeProvider: async (serial) => prompt(
`Enter mfa token for the account: ${serial}\n`
),
});
}
const s3client = new S3Client({
region: awsRegion,
credentials: await getCredentials()
});