Packer giving error in my account with AssumeRoleTokenProvider not set

I have been going over this for some time and I cannot understand why this is not working.

I have two accounts: infra and prod. When I run my packer build build.json.pkr.hcl it builds in infra; however, when run in prod it gives me this error:

Error creating AWS session: AssumeRoleTokenProviderNotSetError: assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.

My command that I use is like this in production: AWS_PROFILE=legitProd MFA_CODE=178574 packer build build.json.pkr.hcl

My file of build.json.pkr.hcl does not contain AWS_PROFILE as an environment variable so I call it on the CLI.

My ~/.aws/config is like so:

[profile legitProd]
region = us-east-1
role_arn = arn:aws:iam::23423423:role/legit-Full
mfa_serial = arn:aws:iam::23423423:mfa/
source_profile = prod

And my ~/.aws/credentials is like so:

aws_access_key_id = <access_key_here>
aws_secret_access_key = <secret_access_key_here>

I tried having my environment variable of AWS_PROFILE=“prod” in my file build.json.pkr.hcl but that would give me errors. All I want to do is be able to call prod in my credentials and then add my role of legitProd so I can perform my build in production. MFA is posing a problem and I would appreciate any help.

1 Like