Need help with okta-aws-cli-assume-role

Had this working beautifully but it’s been a few months since last use and now I can’t switch accounts.

The GitHub README mentions env variables will override config.properties. I think that is my problem. Where are these env variables?

When I run ‘okta-aws sts get-caller-identity’ it always defaults to the same AWS account no matter what (we have 12). I want to switch accounts but can’t. I’ve modified the config.properties file, deleted it, even ran without a config.properties file. In every case it will default to knowing my username, knowing our default region, and selecting the same account. I’ve even gone so far as deleting the Access Key on the IAM user that is running the policies to allow access and I can shockingly still log in. When I look at the .aws\credentials file I see my sessions and the access and secret key are ones I’ve never seen before. It is like it is dynamically creating access and secret keys. How is that even possible?

I’ve blown away and re-installed the latest version several times.

Anyways, I just want it to go back to honoring the settings found in config.properties.

I’m having similar problems. Despite whatever ‘okta-aws’ command I run, it’s always using my ~/.aws/credentials default profile. This is weird… I thought the purpose is to use SAML and not local IAM keys.