Blagoi Anastasov created JCLOUDS-1593:
-----------------------------------------
Summary: [S3] STS api cannot assume Role with MFA
Key: JCLOUDS-1593
URL: https://issues.apache.org/jira/browse/JCLOUDS-1593
Project: jclouds
Issue Type: Improvement
Components: jclouds-blobstore
Affects Versions: 2.4.0
Reporter: Blagoi Anastasov
Hello all,
Use case: Account A has MFA enabled and wants to assume role to upload in s3
bucket of Account B. The Role is configured to allow users ONLY with MFA
enabled.
Conclusion: STS Api is used to retrieve temporary credentials. One way is with
.assumeRole() method and the other is with .createTemporaryCredentials() where
you can use MFA device number. However, they cannot be used together! We cannot
.assumeRole() with information about the role arn, external id and MFA device
number.
I referred also to "STSApiExpectTest.java".
Best Regards,
Blago
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
