Hello, Maybe the answer is already out there, but I didn't find it.
Is there a way to make s3ql commands use an assumed role to access the s3 bucket? Basically, my s3 buckets can be accessed only with a specific IAM role, so I either use a profile, or temporary credentials using aws sts. Example: aws sts assume-role --role-arn arn:aws:iam::123456789:role/s3admin --role-session-name s3backup --profile default Which gives me back temporary credentials with aws key, aws secret and aws_token. I tried this with awscli and it works perfectly if I update the .aws/credentials file with aws_access_key_id, aws_secret_access_key and aws_session_token All 3 are mandatory, or aws s3 commands don't work. I originally thought I could just create a authinfo file with these informations so s3ql can access my bucket under a temporary identity, but there's no parameter for the token. Without it, I get a 403 denied. I can't even start to make a mkfs.s3ql. After reading the aws doc (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) , the headers must contain x-amz-security-token Which s3ql doesn't support? Any idea? -- You received this message because you are subscribed to the Google Groups "s3ql" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/s3ql/20eb28b1c48c45a5a8953997eabad34f%40thalesgroup.com.
