Background:
In our organisation we have a bunch of AWS Accounts.
We use one of them to define all the IAM users, one for each developer. Then every team has a different AWS Account.
To work into an account, a developer has to impersonate a Role, called "Developer".
Also, we have the Mfa authentication required for every user.
To get the AWS Explorer work in Visual Studio 2015 then, we create, through Powershell, a Session ProfileType credential in the RegisteredAccounts.json file. This way we can tie the Mfa authentication and the role impersonation in one temporarily valid profile and store it locally.
That profile is then picked up by Visual Studio 2015 and then AWS Explorer works by impersonating the "Developer" role in any of our accounts.
Problem
This handy behavior seems to have disappeared with the VS 2017 version of the AWS Toolkit: any profile with "ProfileType" : "Session" stored in the RegisteredAccounts.json can't be used.
Now we can't use this workaround anymore.
Is this intentional? Is this a bug? Is there another way to make the AWS Toolkit for VS 2017 impersonate an AWS Role?