在Eclipse 2.0的AWS工具包中承担/切换角色 [英] Assume/switch role in aws toolkit for eclipse 2.0
问题描述
我正在使用适用于Eclipse 2.0的AWS工具包.使用选项(窗口->首选项-> aws工具包),我已经配置了IAM/登录用户api访问密钥ID和秘密访问密钥.根据我们的aws配置,该IAM用户必须承担角色以查看/访问我们环境中的任何资源.我正在使用带有"–-profile"选项的aws cli来执行此操作.如何在Eclipse中的AWS工具箱中执行相同的操作?
I am using aws toolkit for eclipse 2.0. using the options ( window -> preference -> aws toolkit) I have configured IAM/login user api access key id and secret access key. According to our aws configuration, this IAM user has to assume role to view/access any resources in our environment. I am doing it using aws cli with "–-profile " option. How to do the same thing in aws toolkit for eclipse ?
推荐答案
好像我在AWS专家的帮助下找到了解决方案.基本上,您要做两件事:
Looks like I figured it out with help from an AWS expert. Basically you do 2 things:
- 生成一个AWS STS会话令牌
- 使用会话令牌"您的IDE中的值.
示例:aws sts假设角色-角色学习"value"--role-session-name值"--duration-seconds值"
Example: aws sts assume-role --role-arn "value" --role-session-name "value" --duration-seconds "value"
在Eclipse IDE AWS配置文件中输入为这些生成的值:
put in the values generated for these in your eclipse IDE AWS profile:
AccessKeyId
SecretAccessKey
SessionToken
您还可以通过在AWS CLI上使用此命令来使用SAML断言
You can also use a SAML assertion by using this command on the AWS CLI
aws sts assume-role-with-saml --role-arn "value" --principal-arn "value" --saml-assertion "value"
注意:最大会话长度由您正在使用的角色定义.
Note: the max session length is defined by the role you're using.
这篇关于在Eclipse 2.0的AWS工具包中承担/切换角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!