How to access S3 via Temporary Security Credentials

An AWS Account or an IAM user can request temporary security credentials and use them to access Amazon S3.

Temporary security credentials are obtained from AWS Security Token Service (AWS STS) by sending the AssumeRole call.

With TntDrive you can easily mount Amazon S3 buckets using Temporary Security Credentials, it will send the AssumeRole request automatically.

Once obtained, temporary security credentails are cached in memory and used until they expire, then the next AssumeRole request is sent.

To map Amazon S3 buckets via AssumeRole

1. Start TntDrive Dashboard and click Accounts, Add new account.

Start TntDrive Dashboard and click Accounts, Add new account

Add New Account dialog will open:

Add New Account dialog

2. Choose the Amazon S3 via AssumeRole account type

3. Specify the Role ARN - The Amazon Resource Name of the role to assume.

4. External ID - an optional field, a unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then specify that value here.

5. Select the Source Account - the account to sign the AssumeRole call.

6. Turn on the Use secure transfer (SSL/TLS) checkbox if you would like to encrypt all communications with the storage.

7. Click Add new account

You can now add new mapped drive with this account.