How To Configure KopiCloud Tools Authentication to use AWS Session Tokens


The process to configure your AWS account requires to generate an AWS API Key and configure your application to use these AWS credentials.

We introduced support for AWS Session Tokens on our new KopiCloud AWS Automation Tools in October 2020.

So, what are AWS Session Tokens? They are a set of temporary credentials for an AWS account or IAM user. The credentials consist of an Access Key ID, a Secret Access Key, and a Security Token.



Configuring AWS Command Line Interface (CLI) -optional step-


The first step is downloading and installing the AWS CLI from https://aws.amazon.com/cli.

Then, we will set up the credentials using the aws configure command:

aws configure
AWS Access Key ID [None]: xxxxxxxxxxxxxxxxxx
AWS Secret Access Key [None]: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Default region name [None]: eu-west-1
Default output format [None]:




Creating an AWS Session Token -optional step-


The following command creates short-term credentials for the IAM. This credential expires 15 minutes (900 seconds) after they are generated.

aws sts get-session-token --duration-seconds 900

and we get the session token credentials:

{
  "Credentials": {
      "AccessKeyId": "ASIA2XJTE6LNXI4XEOCG",
      "SecretAccessKey": "ciIuUVmNc0J1PHj5IEzoSrReiM3GOVgp2FD/fzqV",
      "SessionToken": "IQoJb3JpZ2luX2VjELz//////////wEaCWV1LXdlc3QtMSJHMEUCIAigzqU6W3ioRUUChgBCDKXsuPsGMwjdCPcuCq/WJ9NPAiEA2Z948gL6E4o627R53ypeFtP/YU65m2aabtgMlJ2Hp68q8wEIxf//////////ARAAGgw3MzcyMzEwNDEyNtMiDLiiN7jk7kZUs4SnMirHAdNyh5E9xKJJLFYA7WEm+5TAlMrjrbs+wlLJ7mQjhyshvJgGcrY0kuScluWIKA/x/Q7Md4yv3R+jSVe020I9RVbY/YaOixGtW6gl8+AkGJgixuR1tXT6I+i2nqy6tX/wqghCFLRUXE/IxypTOjWu3Npez4QJ7fP0lLBOKvxGkPzlU3jrxtizi5sUUTABrg3wBaCcCAzcgRkA1UrdjCI5Q34dSILUwBc6DDSYtt6v/RL+wgT8W1G7tfQSvUUVcTdkFxvZOGKXnYIw1pn/+gU6mAGQgYFgBAFflz0BYs6oxaAZaE347O75MFLL0NMuYDvXsNTpikRUcy4G5E90usefstSs8MMGy1/FP/BcTdUQNXltw51AzIgYMz8yyQ6pLQdSG9mm+aRXmERWH0r8iI0Hwtdyr/CoumnKVjSI2eZgjGTNH2rYgXz6VR4olH2ilT8UXsVjZtwnexsP4Z0D78bStFMtJUyzt7EQwA==",
      "Expiration": "2020-10-10T22:19:38+00:00"
    }
}




Using AWS Session Tokens for Authentication


We open our KopiCloud Automation Tool and click on the Manage Cloud Credentials button in your application, click on the AWS Session Token tab.

Enter a name for your AWS Profile, your AWS Access Key, AWS Secret Key and AWS Session Token. Then click the Validate Information button.

AWS Session Tokens Authentication


Select your default AWS Region and click the Save New Profile button.

AWS Session Tokens Authentication

And you are ready to start using KopiCloud Tools!