1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Something like this:
aws sts assume-role \
--role-arn <ROLE_ARN> \
--role-session-name <ROLE_NAME> \
--duration-seconds 3600 \
--output text \
--query Credentials.[SessionToken,SecretAccessKey,AccessKeyId,Expiration]"
export AWS_SESSION_TOKEN=$(echo $credentials | cut -f1 -d' ')
export AWS_SECRET_ACCESS_KEY=$(echo $credentials | cut -f2 -d' ')
export AWS_ACCESS_KEY_ID=$(echo $credentials | cut -f3 -d' ')
export AWS_SESSION_EXPIRATION=$(echo $credentials | cut -f4 -d' ')
If you are on an EC2 instance you can assign a role to the instance. See: IAM roles for Amazon EC2
関連するコンテンツ
- AWS公式更新しました 3年前
I am on a Windows onprem server. This could not go into my credentials file though, right? There must be a way to do this in my credentials file. Is this not possible? I'm assuming not since you are making a session token and that will probably expire after some time.
You should look at this: https://aws.amazon.com/blogs/security/extend-aws-iam-roles-to-workloads-outside-of-aws-with-iam-roles-anywhere/