Difference between revisions of "AWS Security Token Service (STS)"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2013/05/28/announcing-iam-web-identity-federation/
↑ https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
(→Errors) |
|||
| (15 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | AWS Security Token Service ([[AWS timeline|at least 2013]]) <ref>https://aws.amazon.com/about-aws/whats-new/2013/05/28/announcing-iam-web-identity-federation/</ref>, <code>[[aws sts]]</code> | ||
| − | + | == News == | |
| − | + | * Feb 2015 AWS Security Token Service (STS) in every AWS Region | |
== Activities == | == Activities == | ||
| − | * Read sts blog: https://aws.amazon.com/blogs/security/tag/aws-sts/ | + | * Read sts blog: |
| + | ** https://aws.amazon.com/blogs/security/tag/aws-sts/ | ||
| + | ** https://aws.amazon.com/blogs/security/category/security-identity-compliance/aws-security-token-service/ | ||
* Read StackOverflow related questions: https://stackoverflow.com/questions/tagged/aws-sts?tab=Votes | * Read StackOverflow related questions: https://stackoverflow.com/questions/tagged/aws-sts?tab=Votes | ||
| + | * Read [[Managing AWS STS in an AWS Region]] <ref>https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html</ref> | ||
| + | |||
| + | == Errors == | ||
| + | eksctl get cluster | ||
| + | [[Error: checking AWS STS access]] – cannot get role ARN for current session: operation error STS: [[GetCallerIdentity]], failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no [[EC2 IMDS]] role found, operation error [[ec2imds]]: [[GetMetadata]], request send failed, Get "http://169.254.169.254/latest/meta-data/iam/security-credentials/": dial tcp 169.254.169.254:80: i/o timeout | ||
| + | |||
| + | An error occurred (UnrecognizedClientException) when calling the UpdateService operation: [[The security token included in the request is invalid]]. | ||
| + | |||
| + | [[An error occurred (ExpiredTokenException) when calling the]] .../... | ||
== Related == | == Related == | ||
| Line 13: | Line 25: | ||
* <code>[[AssumeRoleWithWebIdentity]]</code> | * <code>[[AssumeRoleWithWebIdentity]]</code> | ||
* [[AWS SAML]] | * [[AWS SAML]] | ||
| − | + | * [[AWS STS SourceIdentity]] | |
| − | + | * [[AWS IAM]] | |
| − | |||
| − | |||
| − | |||
| − | |||
== See also == | == See also == | ||
Latest revision as of 09:23, 29 February 2024
AWS Security Token Service (at least 2013) [1], aws sts
Contents
News[edit]
- Feb 2015 AWS Security Token Service (STS) in every AWS Region
Activities[edit]
- Read sts blog:
- Read StackOverflow related questions: https://stackoverflow.com/questions/tagged/aws-sts?tab=Votes
- Read Managing AWS STS in an AWS Region [2]
Errors[edit]
eksctl get cluster Error: checking AWS STS access – cannot get role ARN for current session: operation error STS: GetCallerIdentity, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, request send failed, Get "http://169.254.169.254/latest/meta-data/iam/security-credentials/": dial tcp 169.254.169.254:80: i/o timeout
An error occurred (UnrecognizedClientException) when calling the UpdateService operation: The security token included in the request is invalid.
An error occurred (ExpiredTokenException) when calling the .../...
Related[edit]
GetSessionToken- Amazon Region
sts:AssumeRoleWithSAMLAssumeRoleWithWebIdentity- AWS SAML
- AWS STS SourceIdentity
- AWS IAM
See also[edit]
- AWS STS,
aws sts[get-session-token|get-caller-identity|assume-role | assume-role-with-saml | get-access-key-info ] - AWS Security Token Service (STS),
aws sts, aws iam set-security-token-service-preferences, AWS bearer tokens - STS, AWS STS,
aws sts, Terraform AWS provider:assume_role
Advertising:
