[Cyberduck-trac] [Cyberduck] #10432: 403 Forbidden for requesting credentials from role based profile
Cyberduck
trac at cyberduck.io
Tue Aug 21 11:40:20 UTC 2018
#10432: 403 Forbidden for requesting credentials from role based profile
-------------------------+------------------------
Reporter: ekent | Owner: dkocher
Type: defect | Status: new
Priority: normal | Milestone:
Component: s3 | Version: 6.7.0
Severity: normal | Resolution:
Keywords: | Architecture:
Platform: macOS 10.12 |
-------------------------+------------------------
Comment (by dkocher):
We try to obtain a new session token from AWS STS using the credentials in
the AWS CLI profile named `DPMProdMaster-RO` but you suggest that we
should just connect with the already given credentials saved in the
profile. This happens because we detect the `DPMProdMaster-RO` profile to
be a role based configuration (logged via `Configure credentials from role
based profile DPMProdMaster-RO`) because we find the configuration option
`role_arn` set. Please try to remove this property and only include
`aws_access_key_id`, `aws_secret_access_key` and `aws_session_token` when
generating the entry from your script.
--
Ticket URL: <https://trac.cyberduck.io/ticket/10432#comment:11>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list