
Security Token Service (STS) In AWS



  1. Provide full access to the user manually
  2. Use STS

How To Create Temporary Credentials Using STS?

  1. Create a user
  2. Create a role
  3. Change the trust relationship of the role
  4. Generate temporary credentials using the Use-STSRole command in PowerShell
  5. Execute the command to get the list of buckets

Create A User

Picture showing adding a user without any permission

Create A Role

Picture showing creating a role with AmazonS3FullAccess permission

Change The Trust Relationship Of The Role

Picture showing the Edit trust relationship button for editing the trust relationship

Picture showing changing the trusted relationship json

Picture showing the trust relationship updated

Generate Temporary Credentials Using The "Use-STSRole" Command In PowerShell

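# Sign in with the access keys of the user created above
Set-AWSCredential -AccessKey <Access Key> -SecretKey <Secret Key>

# Assume the role; .Credentials holds the temporary access key, secret key and session token
$creds = (Use-STSRole -RoleArn "arn:aws:iam::462618770999:role/myrole" -RoleSessionName "TempS3Access").Credentials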

Picture showing the value of $creds variable in powershell

Execute The Command To Get The List Of Buckets

Get-S3Bucket -Credential $creds

Picture showing the output of Get-S3Bucket -Credential $creds
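
The steps above carried through in one script, as an added example that is not part of the original article: it builds a trust policy that names a single user, requests a 15-minute session, and confirms the assumed identity before listing buckets. The user name `myuser` is an assumption; the account ID, role name and session name are the ones shown above.

```powershell
# Added example, not from the original article.
# Assumes the AWS Tools for PowerShell module is installed and the
# no-permission user's keys were already loaded with Set-AWSCredential.
$accountId = "462618770999"                            # account ID from the article
$roleName  = "myrole"                                  # role name from the article
$userArn   = "arn:aws:iam::${accountId}:user/myuser"   # "myuser" is a hypothetical user name
$roleArn   = "arn:aws:iam::${accountId}:role/$roleName"

# Trust policy for the role: only this one user may call sts:AssumeRole.
# Naming the user ARN is narrower than trusting the whole account.
$trustPolicy = [ordered]@{
    Version   = "2012-10-17"
    Statement = @(
        [ordered]@{
            Effect    = "Allow"
            Principal = @{ AWS = $userArn }
            Action    = "sts:AssumeRole"
        }
    )
} | ConvertTo-Json -Depth 5

# Print the JSON so it can be pasted into "Edit trust relationship" in the console.
Write-Output $trustPolicy

# Request the shortest session STS issues (900 seconds) instead of the default.
$response = Use-STSRole -RoleArn $roleArn `
                        -RoleSessionName "TempS3Access" `
                        -DurationInSeconds 900
$creds = $response.Credentials

# Confirm which identity the temporary credentials represent.
# The ARN should be an assumed-role ARN for the role, not the user ARN.
$identity = Get-STSCallerIdentity -Credential $creds
Write-Output "Acting as: $($identity.Arn)"
Write-Output "Expires  : $($creds.Expiration)"

# Once the expiry time passes, every call made with $creds is rejected,
# so check it before use and call Use-STSRole again when it has lapsed.
if ($creds.Expiration.ToUniversalTime() -gt (Get-Date).ToUniversalTime()) {
    Get-S3Bucket -Credential $creds | Select-Object BucketName, CreationDate
} else {
    Write-Warning "Temporary credentials have expired; assume the role again."
}
```

The session name `TempS3Access` becomes part of the assumed-role ARN and is recorded in CloudTrail, which makes each temporary session traceable to its caller.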

Posted By  -  Karan Gupta
Posted On  -  Monday, December 6, 2021

