Articles → AWS → Security Token Service (STS) In AWS

Security Token Service (STS) In AWS






Purpose





Scenario




  1. Provide full access to the user manually
  2. Use STS

How To Create Temporary Credentials Using STS?




  1. Create a user
  2. Create a role
  3. Change the trust relationship of the role
  4. Generate temporary credentials using the Use-STSRole command in PowerShell
  5. Execute the command to get the list of buckets



Create A User




Picture showing adding a user without any permission
Click to Enlarge


Create A Role




Picture showing creating a role with AmazonS3FullAccess permission
Click to Enlarge


Change The Trust Relationship Of The Role




Picture showing the Edit trust relationship button for editing the trust relationship
Click to Enlarge



Picture showing changing the trusted relationship json
Click to Enlarge



Picture showing the trust relationship updated
Click to Enlarge


Generate Temporary Credentials Using The "Use-Stsrole" Command In Powershell




Set-AWSCredential -AccessKey <Access Key> -SecretKey <Secret Key>




$creds = (Use-STSRole -RoleArn "arn:aws:iam::462618770999:role/myrole" -RoleSessionName="TempS3Access").Credentials




Picture showing the value of $creds variable in powershell
Click to Enlarge


Execute The Command To Get The List Of Buckets




Get-S3Bucket -Credential $creds


Picture showing the output of Get-S3Bucket -Credential $creds
Click to Enlarge


Posted By  -  Karan Gupta
 
Posted On  -  Monday, December 6, 2021

Query/Feedback


Your Email Id  
 
Subject 
 
Query/FeedbackCharacters remaining 250