Skip to content

Commit

Permalink
Further elaboration of --cache-access-token
Browse files Browse the repository at this point in the history
  • Loading branch information
@monde
monde committed Jan 31, 2025
1 parent 4e76eaa commit a37a5fb
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -378,7 +378,7 @@ These global settings are optional unless marked otherwise:
| AWS Session Duration | The lifetime, in seconds, of the AWS credentials. Must be between 60 and 43200. | `--aws-session-duration [value]` | `OKTA_AWSCLI_SESSION_DURATION` |
| Output format | Default is `env-var`. Options: `env-var` for output to environment variables, `aws-credentials` for output to AWS credentials file, `process-credentials` for credentials as JSON, or `noop` for no output which can be useful with `--exec` | `--format [value]` | `OKTA_AWSCLI_FORMAT` |
| Profile | Default is `default` | `--profile [value]` | `OKTA_AWSCLI_PROFILE` |
| Cache Okta access token at `$HOME/.okta/awscli-access-token.json` to reduce need to open device authorization URL. Okta access token has an expiry of 60 minutes and can not be configured otherwise. | `true` if flag is present | `--cache-access-token` | `OKTA_AWSCLI_CACHE_ACCESS_TOKEN=true` |
| Cache Okta access token at `$HOME/.okta/awscli-access-token.json` to reduce need to open device authorization URL. Okta access token has an expiry of 60 minutes and can not be configured otherwise. Further, attempt to read token will only occur when flag is enabled. | `true` if flag is present | `--cache-access-token` | `OKTA_AWSCLI_CACHE_ACCESS_TOKEN=true` |
| Alternate AWS credentials file path | Path to alternative credentials file other than AWS CLI default | `--aws-credentials` | `OKTA_AWSCLI_AWS_CREDENTIALS` |
| (Over)write the given profile to the AWS credentials file. WARNING: When enabled, overwriting can inadvertently remove dangling comments and extraneous formatting from the creds file. | `true` if flag is present | `--write-aws-credentials` | `OKTA_AWSCLI_WRITE_AWS_CREDENTIALS=true` |
| Emit deprecated AWS variable `aws_security_token` with duplicated value from `aws_session_token`. AWS CLI removed any reference and documentation for `aws_security_token` in November 2014. | `true` if flag is present | `--legacy-aws-variables` | `OKTA_AWSCLI_LEGACY_AWS_VARIABLES=true` |
Expand Down

0 comments on commit a37a5fb

Please sign in to comment.