Has anyone successfully used the MBS Curl plugin with AWS using temporary
credentials?
I’m trying to sort out how to utilize which includes a third authentication
component, the returned SessionToken along with the temporary AWS keys.
In this case, I’m using code from the example S3 upload example.
I know it’s not a credential problem as I can use the AWS CLI with these creds
and things work as expected.
I.E.
Exporting the following:
export AWS_ACCESS_KEY_ID=xxxx
export AWS_SECRET_ACCESS_KEY=xxxx
export AWS_SESSION_TOKEN=xxxx
Where xxx is the returned temp credentials from AWS Cognito (a combination of
User Pools and Identity Pool calls to get them issued)
If I use the aws cli like AWS S3 cp somefile.ext to s3://mybucket it works.
If I upload to a bucket the user should not have access to, it does not work
which is expected. (Testing to ensure the env variable is used and not the
local .AWS creds)
I tried adding something like this:
call d.SetOptionHTTPHeader
array("X-Amz-Security-Token:",Str(AuthInfo.SessionToken))
Based on my read here:
https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#UsingTemporarySecurityCredentials
Still not working. I’ve done this before but only with SDK’s such as mobile
SDK’s or Java with JavaFX clients. I’m opening a ticket with AWS support to
query on if the Session Token is required to be used in the signature or not as
I’m not finding examples of using temp credentials specifically with the S3
REST API but I might be just missing it.
Any help appreciated!
Regards,
Jim Hankins
_______________________________________________
Mbsplugins_monkeybreadsoftware.info mailing list
[email protected]
https://ml01.ispgateway.de/mailman/listinfo/mbsplugins_monkeybreadsoftware.info
