
Security Token Service (STS) In AWS






Purpose





Scenario




  1. Provide full access to the user manually
  2. Use STS

How To Create Temporary Credentials Using STS?




  1. Create a user
  2. Create a role
  3. Change the trust relationship of the role
  4. Generate temporary credentials using the "Use-STSRole" command in PowerShell
  5. Execute the command to get the list of buckets



Create A User




Picture showing adding a user without any permission



Create A Role




Picture showing creating a role with AmazonS3FullAccess permission



Change The Trust Relationship Of The Role




Picture showing the Edit trust relationship button for editing the trust relationship




Picture showing changing the trusted relationship json




Picture showing the trust relationship updated



Generate Temporary Credentials Using The "Use-STSRole" Command In PowerShell




Set-AWSCredential -AccessKey <Access Key> -SecretKey <Secret Key>




# Assume the role; .Credentials holds the temporary access key, secret key and session token
$creds = (Use-STSRole -RoleArn "arn:aws:iam::462618770999:role/myrole" -RoleSessionName "TempS3Access").Credentials




Picture showing the value of $creds variable in powershell



Execute The Command To Get The List Of Buckets




Get-S3Bucket -Credential $creds


Picture showing the output of Get-S3Bucket -Credential $creds
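
Steps 3 to 5 as one script, an added example that is not part of the original article: it writes a trust policy that names only the one user as principal, assumes the role with a short session, and checks the identity and expiry of the temporary credentials before listing buckets. The user name `sts-demo-user`, the two profile names and the 900-second duration are assumptions; the role name `myrole` and the session name `TempS3Access` come from the article.

```powershell
# Requires AWS Tools for PowerShell. Values marked "assumed" are not from the article.
$RoleName     = 'myrole'          # role with AmazonS3FullAccess, from the article
$UserName     = 'sts-demo-user'   # assumed: the user created without any permission
$AdminProfile = 'admin'           # assumed: stored profile allowed to edit the role
$UserProfile  = 'sts-demo-user'   # assumed: stored profile holding the user's access key

# Resolve the ARNs instead of hard-coding the account id.
$userArn = (Get-IAMUser -UserName $UserName -ProfileName $AdminProfile).Arn
$roleArn = (Get-IAMRole -RoleName $RoleName -ProfileName $AdminProfile).Arn

# Trust policy: only this one user may call sts:AssumeRole on the role.
$trustPolicy = @{
    Version   = '2012-10-17'
    Statement = @(
        @{
            Effect    = 'Allow'
            Principal = @{ AWS = $userArn }
            Action    = 'sts:AssumeRole'
        }
    )
} | ConvertTo-Json -Depth 5

Update-IAMAssumeRolePolicy -RoleName $RoleName -PolicyDocument $trustPolicy `
    -ProfileName $AdminProfile
Start-Sleep -Seconds 10   # IAM changes are eventually consistent

# Assume the role as the user, asking for the shortest session STS allows (900 s).
$creds = (Use-STSRole -RoleArn $roleArn -RoleSessionName 'TempS3Access' `
          -DurationInSeconds 900 -ProfileName $UserProfile).Credentials

# Confirm what the temporary credentials resolve to and when they stop working.
$identity = Get-STSCallerIdentity -Credential $creds
"Caller : $($identity.Arn)"       # an assumed-role ARN ending in /TempS3Access
"Expires: $($creds.Expiration)"

# The user has no permissions of its own; this call works only through the role.
Get-S3Bucket -Credential $creds | Select-Object BucketName, CreationDate
```

The session name appears in the assumed-role ARN, so CloudTrail entries for calls made with `$creds` can be tied back to this session.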



Posted By  -  Karan Gupta
 
Posted On  -  Monday, December 6, 2021
