Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

Re: Security Token Service support for AWS S3 Multiple Profiles

Create a shortcut with a target like this:
cmd /c "set AWS_PROFILE=foo & start "" "C:\Program Files (x86)\WinSCP\WinSCP.exe""

Optionally you can even add session name to WinSCP.exe command line to have it open the session automatically.

This naive approach might popup console window briefly. There are more complex methods that avoid that.
Meerkat

Security Token Service support for AWS S3 Multiple Profiles

Thanks, for the feedback. Do you have a dummy example of how to set the the cli command AWS_PROFILE parameter in the desktop shortcut link?
martin

Re: Security Token Service support for AWS S3 Multiple Profiles

@Meerkat: WinSCP does not have a way to select an AWS profile (yet). All you can do atm is to create e.g. a desktop shortcut that starts WinSCP with the profile set via AWS_PROFILE environment variable.
Meerkat

Re: Security Token Service support for AWS S3 Multiple Profiles

Hi

First off, avid user of WinSCP, thank you for a great app!

I access a number of S3 buckets and have multiple AWS profiles. Due to security changes I need to use temp credentials. In Cyberduck one can select the profile and path and it connects to the different S3 bucket using the selected profile from the AWS credentials and config.

I tried the new version WinSCP version and ticked the box to read credentials from the AWS CLI configuration but I'm not having any luck due to the multiple profiles.

When I do it manually for a specific profile and input the temp aws_access_key_id, aws_secret_access_key and aws_security_token it works.

Is it possible to add a feature to specify the use a specific profile?
Guest

Re: Security Token Service support for AWS S3

With Amazon SSO you get temporary keys instead of having to create an IAM user for S3 users but they only work with a session token as well.

One work around would be to have a place to put the session token and pass it or to pull from the .AWS/Credentials file based on a profile that is pre saved.
fscalzo

Re: Security Token Service support for AWS S3

Can you link to the how to? I have been searching.
martin

Re: Security Token Service support for AWS S3

This has been implemented. I'm sending you a development version of WinSCP for testing.
martin

Re: Security Token Service support for AWS S3

I have sent you an email with some questions.