My AWS config file looks like this:

```ini
[profile foo]
mfa_serial = arn:aws:iam::111111111111:mfa/foo
region = eu-west-2
sts_regional_endpoints = regional

[profile foo-1]
source_profile = foo
mfa_serial = arn:aws:iam::111111111111:mfa/foo
role_arn = arn:aws:iam::22222222222:role/ReadOnly
region = eu-west-2
include_profile = default

[profile foo-admin]
source_profile = foo
mfa_serial = arn:aws:iam::111111111111:mfa/foo
role_arn = arn:aws:iam::22222222222:role/admin
region = eu-west-2
include_profile = default

[profile bar-role]
source_profile = fooadmin
role_arn = arn:aws:iam::333333333333:role/Role1
mfa_serial = arn:aws:iam::111111111111:mfa/foo
region = eu-west-2
```

When I run `aws-vault exec foo-1 -- ANY AWS COMMAND` or `aws-vault exec foo-admin -- ANY AWS COMMAND`, it works just fine.

But when I run `aws-vault exec bar-role -- ANY AWS COMMAND`, it fails with the error `aws-vault: error: No credentials found for profile bar-role`.

If I try `aws-vault add bar-role`, it prompts for credentials, which I don't have, as I'm assuming a role.

Is there a way to add nested profiles into aws-vault?
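
Added example, not part of the original question and not aws-vault's own code: a small check that follows each profile's `source_profile` chain in an AWS config file and reports any link that points at a profile name the file does not define, or that loops. The sample input is a trimmed copy of the config above; the function names are hypothetical.

```python
import configparser

# Trimmed copy of the question's config, used as sample input.
SAMPLE_CONFIG = """\
[profile foo]
mfa_serial = arn:aws:iam::111111111111:mfa/foo
[profile foo-admin]
source_profile = foo
role_arn = arn:aws:iam::22222222222:role/admin
[profile bar-role]
source_profile = fooadmin
role_arn = arn:aws:iam::333333333333:role/Role1
"""

def load_profiles(text):
    """Return {profile_name: settings} parsed from AWS config file text."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(text)
    profiles = {}
    for section in parser.sections():
        # Sections are written "[profile NAME]"; "[default]" has no prefix.
        name = section[len("profile "):] if section.startswith("profile ") else section
        profiles[name.strip()] = dict(parser[section])
    return profiles

def resolve_chain(profiles, name):
    """Follow source_profile links from `name`; return (chain, problem).

    `problem` is None when the chain ends at a profile with no source_profile.
    """
    chain = [name]
    while True:
        if chain[-1] not in profiles:
            return chain, f"profile '{chain[-1]}' is not defined in the config"
        parent = profiles[chain[-1]].get("source_profile")
        if parent is None:
            return chain, None
        if parent in chain:
            return chain + [parent], f"source_profile cycle at '{parent}'"
        chain.append(parent)

def check_config(text):
    """Map every defined profile to its resolved chain and any problem found."""
    profiles = load_profiles(text)
    return {name: resolve_chain(profiles, name) for name in profiles}

if __name__ == "__main__":
    for name, (chain, problem) in check_config(SAMPLE_CONFIG).items():
        print(f"{name}: {' -> '.join(chain)}  [{problem or 'ok'}]")
```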