[Cyberduck-trac] [Cyberduck] #10594: Temporary tokens (credentials from AWS STS) do not work with AWS GovCloud S3

Cyberduck trac at cyberduck.io
Mon Feb 4 18:41:33 UTC 2019

#10594: Temporary tokens (credentials from AWS STS) do not work with AWS GovCloud
 Reporter:  cduser          |         Owner:  dkocher
     Type:  defect          |        Status:  closed
 Priority:  high            |     Milestone:  6.9.3
Component:  s3              |       Version:  6.9.2
 Severity:  major           |    Resolution:  fixed
 Keywords:  s3 iam sts mfa  |  Architecture:
 Platform:  macOS 10.13     |

Comment (by cduser):

 Replying to [comment:7 dkocher]:
 > A new snapshot build has now been published. Please comment on this
 ticket if the issue is resolved (or reopen) as we cannot fully test this

 Hi dkocher,

 I can help with the testing. Unfortunately I'm still having issues, but
 its looking better.

 This is what I'm doing:

 I'm using the following profile:

 <?xml version="1.0" encoding="UTF-8"?>
   ~ Copyright (c) 2002-2018 iterate GmbH. All rights reserved.
   ~ https://cyberduck.io/
   ~ This program is free software; you can redistribute it and/or modify
   ~ it under the terms of the GNU General Public License as published by
   ~ the Free Software Foundation, either version 3 of the License, or
   ~ (at your option) any later version.
   ~ This program is distributed in the hope that it will be useful,
   ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
   ~ GNU General Public License for more details.

 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
 <plist version="1.0">
         <string>S3 (Credentials from AWS Security Token Service)</string>
         <key>Default Nickname</key>
         <string>S3 (Credentials from AWS Security Token Service)</string>
         <key>Username Placeholder</key>
         <string>Profile Name in ~/.aws/credentials</string>
         <key>Password Configurable</key>
         <key>Token Configurable</key>
         <key>Anonymous Configurable</key>

 When adding the profile to cyberduck I set''Server'' to ''s3-us-gov-
 west-1.amazonaws.com'' and ''Profile Name in ~/.aws/credentials'' to
 ''cyberduck''. I then get new temporary credentials from AWS and put them
 in my ~/.aws/credentials file like this:

 output = json
 region = us-gov-west-1
 aws_access_key_id = AAAAAAAAAAAAAAAAAAAA
 aws_session_token =

 When I double click on the the shortcut in cyberduck I see
 ''Authenticating as cyberduck'' in the lower left corner with a spinning
 icon, but it never connects. If I try to close cyberduck it gets locked up
 and I have to force quit. Is there a way to enable debug logs?

 Thank you for all your help and prompt response!

Ticket URL: <https://trac.cyberduck.io/ticket/10594#comment:8>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list