[Cyberduck-trac] [Cyberduck] #8880: Authentication using AWS AssumeRole and GetSessionToken with AWS STS

Cyberduck trac at cyberduck.io
Fri Feb 1 10:14:39 UTC 2019

#8880: Authentication using AWS AssumeRole and GetSessionToken with AWS STS
 Reporter:  tigris          |         Owner:  dkocher
     Type:  feature         |        Status:  reopened
 Priority:  high            |     Milestone:  6.7.0
Component:  s3              |       Version:  4.7
 Severity:  normal          |    Resolution:
 Keywords:  s3 iam sts mfa  |  Architecture:  Intel
 Platform:  Mac OS X 10.10  |
Changes (by cduser):

 * status:  closed => reopened
 * resolution:  fixed =>


 This credentials file configuration (previously mentioned by dt001) works
 perfectly with commercial S3 regions (s3.amazonaws.com, us-west-1) but not
 with AWS GovCloud (s3-us-gov-west-1.amazonaws.com). I'm using s3-us-gov-
 west-1.amazonaws.com as the "Server" and cyberduck gets into a loop where
 it says "Authenticating as publish_profile" followed by "Login failed".
 Any ideas?

 output = json
 region = us-west-1
 aws_access_key_id = AAAAAAAAAAAAAAAAAAAA
 aws_session_token =

Ticket URL: <https://trac.cyberduck.io/ticket/8880#comment:56>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list