[JCLOUDS-1593] [S3] STS api cannot assume Role with MFA - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 2.4.0
Fix Version/s: None
Component/s: jclouds-blobstore
Labels:
None

Description

Hello all,

Use case: Account A has MFA enabled and wants to assume role to upload in s3 bucket of Account B. The Role is configured to allow users ONLY with MFA enabled.

Conclusion: STS Api is used to retrieve temporary credentials. One way is with .assumeRole() method and the other is with .createTemporaryCredentials() where you can use MFA device number. However, they cannot be used together! We cannot .assumeRole() with information about the role arn, external id and MFA device number.

I referred also to "STSApiExpectTest.java".

Best Regards,

Blago

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Blagoi Anastasov

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Jan/22 08:16

Updated:: 05/Jan/22 08:16