We recommend configuring your AWS SDK or tool to use Using IAM Identity Center to authenticate AWS SDK and tools with extended session duration options. However, you can copy and use temporary credentials that are available in the AWS access portal. New credentials will need to be copied when these expire. You can use the temporary credentials in a profile or use them as values for system properties and environment variables.
Best practice: Instead of manually managing access keys and a token in the credentials file, we recommend your application uses temporary credentials delivered from:
Set up a credentials file using short-term credentials retrieved from AWS access portalIn the credentials file, paste the following placeholder text until you paste in working temporary credentials.
[default]
aws_access_key_id=<value from AWS access portal>
aws_secret_access_key=<value from AWS access portal>
aws_session_token=<value from AWS access portal>Save the file. The file ~/.aws/credentials should now exist on your local development system. This file contains the [default] profile that the SDK or tool uses if a specific named profile is not specified.
Follow these instructions for Manual credential refresh to copy IAM role credentials from the AWS access portal.
For step 4 in the linked instructions, choose the IAM role name that grants access for your development needs. This role typically has a name like PowerUserAccess or Developer.
For step 7 in the linked instructions, select the Manually add a profile to your AWS credentials file option and copy the contents.
Paste the copied credentials into your local credentials file. The generated profile name is not needed if you are using the default profile. Your file should resemble the following.
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
aws_session_token=IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZ2luX2IQoJb3JpZVERYLONGSTRINGEXAMPLESave the credentials file.
When the SDK creates a service client, it will access these temporary credentials and use them for each request. The settings for the IAM role chosen in step 5a determine how long the temporary credentials are valid. The maximum duration is twelve hours.
After the temporary credentials expire, repeat steps 4 through 7.
AWS access keys
Long-term credentials
Did this page help you? - Yes
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of it.
Did this page help you? - No
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4