Versions Compared

Old Version 53

changes.mady.by.user Daniel P Klinger

Saved on

compared with

New Version 54

changes.mady.by.user Daniel P Klinger

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

STS Token use for manual data transfers with existing shibboleth IAM roles

There are some options here:

  1. Install the aws login tool (Access Keys for AWS CLI Using Cornell Two-Step Login (Shibboleth)
  2. Docker with the aws login tool with other helpful cloud utilities (https://github.com/CU-CommunityApps/ct-cloud-utils-dockerized)
  3. Install the aws cli (https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html) using 'aws sts get-session-token' with a new or existing IAM user (https://docs.aws.amazon.com/cli/latest/reference/sts/get-session-token.html)
    1. Create a new or use default profile
    2. "aws configure --profile {name}"

 

  • AWS CLI
    1. Access Keys for AWS CLI Using Cornell Two-Step Login (Shibboleth)
  • rclone
    1. rclone config
      1. set id, secret and session token (under advanced config)
  • Cyberduck Cyberduck
      Create sts profile in ~/.aws/credentials file"aws configure --profile sts" and/or text editor
    1. Copy ID, Secret and Token from ~/.aws/credentials {name}
        from https://signin-sts.aws.cucloud.net
        [sts]
      1. aws_access_key_id = [ paste ID ]
      2. aws_secret_access_key = [ paste key ]
      3. aws_session_token = [ paste token ]
    2. Download Cyberduck STS token profile
    3. Open Connection - S3 (Credentials from AWS Security Token Service)
      1. Specify profile from #1
  • Mountain Duck now available with similar process as outlined above with CyberDuck.

...