I have been going over this for some time and I cannot understand why this is not working.
I have two accounts: infra and prod. When I run my packer build build.json.pkr.hcl it builds in infra; however, when run in prod it gives me this error:
Error creating AWS session: AssumeRoleTokenProviderNotSetError: assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.
My command that I use is like this in production: AWS_PROFILE=legitProd MFA_CODE=178574 packer build build.json.pkr.hcl
My file of build.json.pkr.hcl does not contain AWS_PROFILE as an environment variable so I call it on the CLI.
My ~/.aws/config is like so:
[profile legitProd]
region = us-east-1
role_arn = arn:aws:iam::23423423:role/legit-Full
mfa_serial = arn:aws:iam::23423423:mfa/babba.booie@domain.net
source_profile = prod
And my ~/.aws/credentials is like so:
[prod]
aws_access_key_id = <access_key_here>
aws_secret_access_key = <secret_access_key_here>
I tried having my environment variable of AWS_PROFILE=“prod” in my file build.json.pkr.hcl but that would give me errors. All I want to do is be able to call prod in my credentials and then add my role of legitProd so I can perform my build in production. MFA is posing a problem and I would appreciate any help.