aws-vault: Can't use --prompt=terminal with --ec2-server

~$ aws-vault --debug exec dev --ec2-server
2022/03/10 10:51:03 aws-vault v6.6.0
2022/03/10 10:51:03 Loading config file /Users/fernando/.aws/config
2022/03/10 10:51:03 Parsing config file /Users/fernando/.aws/config
2022/03/10 10:51:03 [keyring] Considering backends: [keychain]
aws-vault: error: exec: Can't use --prompt=terminal with --ec2-server. Specify a different prompt driver

$ aws-vault --version
v6.6.0

About this issue

  • State: closed
  • Created 2 years ago
  • Reactions: 12
  • Comments: 16 (7 by maintainers)

Most upvoted comments

This breaking change is a bummer - we use aws-vault within a docker container, ‘terminal’ is the only option…

So I’m really not sure how to handle terminal input when using a server, do you have any thoughts or ideas?

Could it not just work the way it used to? Ask for 2FA input at launch then start erroring when re-auth is required…

$ aws-vault  --debug exec dev --prompt=osascript --server
2022/03/11 11:10:19 aws-vault v6.6.0
2022/03/11 11:10:19 Loading config file /Users/fernando/.aws/config
2022/03/11 11:10:19 Parsing config file /Users/fernando/.aws/config
2022/03/11 11:10:19 [keyring] Considering backends: [keychain]
2022/03/11 11:10:19 [keyring] Querying keychain for service="aws-vault", keychain="aws-vault.keychain"

That seems to work fine. What can we do to fix this in aws-vault natively, and avoid an extra parameter that wasn’t needed a week ago?

Thanks for the help!

@FernandoMiguel ah so it’s the “default” as terminal that is the problem

Just regular vanilla iTerm2. Nothing fancy about it, and no recent update there. Something changed with aws vault and no warning on the changelog.

The whole point of --ec2-server and --ecs-server is to refresh credentials asynchronously in the background. If you don’t need that refreshing behaviour, why are you using --ec2-server and --ecs-server?