Support for AWS SSO / Session Token Authentication #11568
Description
cbd19e4 created the issue
Hello!
I'm in the process of migrating from AWS IAM user / AssumeRole authentication to using the AWS Single Sign-On service. Cyberduck has worked great with the user/role auth, and I have a couple feature requests that I think would allow it to work with AWS SSO.
For an Amazon S3 connection, add a field to enter an AWS Session Token directly, along with the access key id and secret access key.
AWS SSO presents a nice copy/paste window for session credentials, and it would be easy for a user to copy/paste the values from "Option 3" (below) into Cyberduck when connecting. This is a screenshot of the AWS SSO login page that presents temporary credentials and how to use them.
Another option would be to upgrade to aws java sdk v2 which supports the SSO credentials provider.
There's an open issue for support in the aws java v1 sdk, but I'm not sure if it will be implemented.
I'm supporting Cyberduck users that have limited text editor / terminal experience, so a workflow that relies on them making changes to ~/.aws/credentials to update their access keys / session token is cumbersome.
Thank you! - Ben
Attachments
SSO.png(228.9 KiB)
