Allow stderr passthrough for credential_process #1835
Closed
Commits on Sep 27, 2019
-
Allow stderr passthrough for credential_process
Many organizations now require MFA for AWS login, or perhaps fetch credentials from a command-line password manager. While `stdout` of the `credential_process` is used to acquire the credential token, `stderr` is captured for raising an exception back to the user. In order enable user-interaction with the credential provider process, it must have access to some stream the user can see: in this case, `stderr`. This commit provides that change. In order to maintain a relatively high level of backwards compatibility, we will continue to capture `stderr` for raising exceptions _unless_ `stderr` is reporting as being a TTY device, in which case we assume that user-interaction is more favorable than detailed exceptions.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.