The AWS Security Token Service (STS) is a web service that lets you grant a trusted user temporary, limited-privilege credentials to access your Amazon Web Services (AWS) resources.
Questions tagged [aws-sts]
214 questions
2
votes
1 answer
Retrieve Entire SAML Response in Spring Security SAML Extension
I have a Spring Boot application that is set up as a Service Provider. My end goal is to be able to call the AWS STS Assume Role with SAML service to generate AWS temporary credentials on behalf of the user with the SAML response used to initially…

Josh Walton
2
votes
1 answer
Google Cloud equivalent of Amazon STS
Amazon STS offers the ability to take an IAM token and create a limited subset of the abilities of that token for other use. The subset of abilities can be by time (expiring in N hours) and by allowed operations (e.g. read one S3 bucket but not all…

Andrew
2
votes
1 answer
Recommended way to get temporary AWS credentials? AWS.config or STS?
I'm using a third-party SDK that needs temporary AWS credentials to access AWS services. I'm using this SDK as part of an application that is running on EC2. All SDKs in my application need access to the same role, which is attached to my EC2…

johnnyodonnell
2
votes
0 answers
Set ACL while uploading a file to S3 using AWS short term credentials(AWS STS)
I am using AWS STS Federation Token to get temporary credentials, with below statement.
Statement putStatement = new Statement(Statement.Effect.Allow)
.withId("TempCreds")
.withActions(S3Actions.PutObject)
.withResources(new…

Ankit Choudhary
2
votes
1 answer
Explicitly expire tokens acquired from AWS Security Token Service
Can I explicitly expire session tokens acquired from AWS STS service using AWS Java SDK?

Anirudh Jayakumar
2
votes
1 answer
AWS - STS how to use AWSSecurityTokenServiceClientBuilder with global region
I used the
AWSSecurityTokenServiceClient sts_client = new AWSSecurityTokenServiceClient(),
and a default region (Global) was set automatically. But this constructor is deprecated and the recommendation is to use:…

Hadar
2
votes
0 answers
Amazon AWS and GetCallerIdentity
I'm working on an AWS project. We want to be able to issue STS temporary security credentials, with limited permissions, in order to access AWS services. We're working in .Net Core with C#.
We're using STS AssumeRoleAsync(), which is the .Net SDK's…

Derek Hauffe
2
votes
1 answer
Using Temporary Credentials giving SignatureDoesNotMatch issue
We are working on s3 browser based multipart file using EvaporateJS, using pre-signed URL with temporary credentials.
Following will be my configuration
var amz_headers_common = {};
var amz_headers_at_initiate = {};
var amz_headers_at_upload =…

sk2
2
votes
1 answer
Why AmazonSTSCredentialsProvider is only in mobile SDK and not in aws-java-sdk
I am working with AWS Assume role access logic. For that I am trying to get new temporary credentials before previous one is expired.
I found AmazonSTSCredentialsProvider is doing this logic. But this is present only in mobile SDK not in java SDK. Is…

Achaius
2
votes
1 answer
Using AWS (S3) via jclouds - how to assume role
When using plain auth credentials I can do:
ContextBuilder.newBuilder("aws-s3").credentials(keyId, key).buildView(BlobStoreContext.class);
... to access BlobStoreContext for S3.
In native Amazon java api I can use Security Token Service (STS) to…

Eugene Loy
1
vote
0 answers
An error occurred (AccessDenied) when calling the DecodeAuthorizationMessage operation:
When trying to decode this message using: aws sts decode-authorization-message --encoded-message, I get the following error.
An error occurred (AccessDenied) when calling the
DecodeAuthorizationMessage operation: User: (Blank) is not authorized
to…

electronic-trip-1200
1
vote
1 answer
Unable to upload to S3 using STS credentials
Describe the bug
I'm trying to integrate STS assumeRole based authentication to upload my files to S3 buckets...
Code Snippet
AWS.config.update({
region: 'ap-south-1',
maxRetries: 3,
accessKeyId: process.env.AWS_ACCESS_KEY_ID,
…

Sanskar Dahiya
1
vote
1 answer
Why does the AWS CLI use different AWS services on darwin (mac) vs. linux? When does the rds describe-db-instances command use STS?
Running
aws --profile=REDACTED --region=REDACTED rds describe-db-instances
fails for me on linux but succeeds on darwin (mac).
It seems that on my linux, a call is made to AWS's Simple Token Service that I don't have permissions to. But for some…

benjaminedwardwebb
1
vote
1 answer
aws get-caller-identity behaving differently via ansible
I have an ansible playbook which runs following task from a jenkins job
- name: printing get caller
shell: "aws sts get-caller-identity"
register: var_caller
- debug:
msg: "{{var_caller.stdout}}"
And returns the following output
ok:…

Gaurav Sharma
1
vote
1 answer
Using an stsclient assumed role with cognito in java
I am using Java.
I have an aws user (sts client) on which I do an "assume role" before trying to call cognito "list users".
The assume role seems to be working fine. However, the "list users" is throwing an error ("The security token included in the…

BelovedFool