Cyberduck Mountain Duck CLI

Version 2 (modified by dkocher, on Feb 27, 2011 at 5:59:30 PM) (diff)


Cyberduck Help / Howto / AWS Identity & Access Management (IAM)

Notes on using IAM credentials to access S3 with Cyberduck. IAM allows you to create credentials for third parties accessing your S3 account with permission constraints.

IAM Tools Setup

  • Download the IAM Command Line Toolkit. Unzip the download and move the folder IAMCli-1.2.0 into the bin folder in your user home directory.
  • In a window, set the home environment for IAM
echo 'export AWS_IAM_HOME=~/bin/IAMCli-1.2.0' >> ~/.bash_profile
  • Set the environment variable to point to the credentials file.
    echo 'export AWS_CREDENTIAL_FILE=$AWS_IAM_HOME/aws-credential.template' >> ~/.bash_profile
  • Add the path to the IAM programs to your path
echo 'export PATH=$AWS_IAM_HOME/bin:$PATH' >> ~/.bash_profile
  • Update the environment of the current shell (alternatively open a new window).
. ~/.bash_profile
  • Edit the credentials file aws-credential.template with your AWS identifiers.

Create a new IAM user

  • Add a new IAM user and generate the access credentials. This will print out the Access Key ID and Secret Access Key.
iam-usercreate -u davidkocher;iam-useraddkey -u davidkocher
  • Add a new policy for the user. This example gives the user access to all of your S3 resources.
iam-useraddpolicy  -u davidkocher -e Allow -a s3:* -r arn:aws:s3:::* -o -p `uuidgen`