Cyberduck Mountain Duck CLI

Changes between Initial Version and Version 1 of Ticket #10432, comment 14


Ignore:
Timestamp:
Aug 21, 2018 12:35:33 PM (10 months ago)
Author:
ekent
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #10432, comment 14

    initial v1  
    11Ok, so this is how we are setup to work:
    2 We run a script on terminal which authenticates us against company SSO, and goes off to STS to retrieve the credentials (access key, secret key and session token). These are then automatically placed in the .aws/credentials file.
    3 We then use a cross account role (DPMProdMaster-RO) to try to access the S3 in a different account to the one which the credentials are for (works for aws cli access), so we know that the credentials work, and that they are capable of use with the cross account roles.
     2
     3- We run a script on terminal which authenticates us against company SSO, and goes off to STS to retrieve the credentials (access key, secret key and session token). These are then automatically placed in the .aws/credentials file.
     4
     5- We then use a cross account role (DPMProdMaster-RO) to try to access the S3 in a different account to the one which the credentials are for (works for aws cli access), so we know that the credentials work, and that they are capable of use with the cross account roles.
     6
    47So we need a profile which will verify the existing session token and credentials in the aws credentials file, and allow us to use a cross account role with them.
    58Hope this makes sense!
swiss made software