Added
- Handle
[sso-session]section by @dima-vm in #1088 - Add support for
credential_processby @jmczerk in #1087
#1122 - Add
mfa_processconfig by @mtibben in #1123 - Support aws-cli's
AWS_CREDENTIAL_EXPIRATIONby @mtibben in #1124 - Add
aws-vault exportcmd by @mtibben in #1135 #1146 - Allow login with master creds in environment by @mtibben in #1150
- Support
loginfrom profile withcredential_processby @christophgysin in #1168
Changed
- Simplify creation of temporary creds by @mtibben in #1120
- Update Documentation to reflect new Multi-MFA per IAM User functionality on AWS. by @LouisTsiattalou in
#1101 - Remove support for
parent_profile, deprecated in v5 by @mtibben in #1131 - When using a subshell, add some help messages to minimise confusion and improve DX by @mtibben in #1136
- Disable subshell help messages with
AWS_VAULT_DISABLE_HELP_MESSAGE=1by @mtibben in #1165 - Make
--ecs-serverthe default server implementation by @mtibben in #1137 - Automatically select the best prompt driver by @mtibben in #1138
- Remove use of old env vars by @mtibben in #1143 #1147
- Fix prompts required in non-tty processes by @mtibben in #1149
- Use go 1.20 by @mtibben in #1158
- Support execve syscall on all OSs that can by @mtibben in #1166
- Shut down ec2 proxy automatically by @mtibben in #1167
- Validate that configs don't have more than one source by @mtibben in #1171
Backwards-compatibility breaks
--prompt=passotpis no longer supported. Instead, usemfa_process = pass otp my_aws_mfain your config fileparent_profilein the aws config file is no longer supported. Useinclude_profileinstead--servernow executes a ECS metadata server instead of a EC2 metadata server. To continue using the EC2 metadata server, use--ec2-serverinstead- When using
aws-vault execthe following old env vars are no longer set. If you use any of these env vars, use the more standard alternativeAWS_SECURITY_TOKEN(useAWS_SESSION_TOKENinstead)AWS_SESSION_EXPIRATION(useAWS_CREDENTIAL_EXPIRATIONinstead)
aws-vault exec --jsonflag is deprecated and will be removed in a future release. Useaws-vault export --format=jsoninstead.- Ambiguous configs that specify multiple credential sources will no longer be allowed
New Contributors
- @dima-vm made their first contribution in #1088
- @LouisTsiattalou made their first contribution in #1101
- @jmczerk made their first contribution in #1087
- @christophgysin made their first contribution in #1168
Full Changelog: v6.6.2...v7.0.0-rc5