[Cyberduck-trac] [Cyberduck] #8880: Authentication using AWS AssumeRole and GetSessionToken with AWS STS
Cyberduck
trac at cyberduck.io
Fri Feb 1 11:25:35 UTC 2019
#8880: Authentication using AWS AssumeRole and GetSessionToken with AWS STS
----------------------------+-------------------------
Reporter: tigris | Owner: dkocher
Type: feature | Status: reopened
Priority: high | Milestone: 6.7.0
Component: s3 | Version: 4.7
Severity: normal | Resolution:
Keywords: s3 iam sts mfa | Architecture: Intel
Platform: Mac OS X 10.10 |
----------------------------+-------------------------
Comment (by cduser):
Replying to [comment:57 fguerraz]:
> Replying to [comment:56 cduser]:
> > This credentials file configuration (previously mentioned by dt001)
works perfectly with commercial S3 regions (server: s3.amazonaws.com,
region: us-west-1) but not with AWS GovCloud (server: s3-us-gov-
west-1.amazonaws.com, region: us-gov-west-1). I'm using s3-us-gov-
west-1.amazonaws.com as the "Server" and cyberduck gets into a loop where
it says "Authenticating as publish_profile" followed by "Login failed". I
am using version 6.9.3. Any ideas?
> >
> Did you try us-gov-west-1 as a region in your credentials file? I guess
the issue is that it tries to connect to the wrong STS endpoing which is
built from that string.
Hi fguerraz,
Sorry. Yes I have in my credentials file us-gov-west-1 instead of us-
west-1. I tried both, us-gov-west-1 fails (using the s3-us-gov-
west-1.amazonaws.com server) and us-west-1 works (using the
s3.amazonaws.com server). I'm going to edit my original comment to replace
us-west-1 with us-gov-west-1.
Thanks!
--
Ticket URL: <https://trac.cyberduck.io/ticket/8880#comment:58>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list