An AWS Account or an IAM user can request temporary security credentials and use them to access Amazon S3. The credentials consist of an Access Key ID, a Secret Access Key, and a Security Token.
Temporary security credentials are obtained from AWS Security Token Service (AWS STS) by sending the AssumeRole or GetSessionToken call.
With S3 Browser you can easily work with Amazon S3 via temporary security credentials, it calls AssumeRole or GetSessionToken automatically when required.
Once obtained, temporary security credentails are cached in memory and used until they expire, then the next STS call is sent.
To connect Amazon S3 via STS GetSessionToken
1. Start S3 Browser and click Accounts -> Add New Account.Click Accounts -> Add New Account
The Add New Account dialog will open:New Amazon S3 via GetSessionToken account dialog.
2. Choose the Amazon S3 via GetSessionToken account type
3. Specify MFA Serial - an optional field, the identification number of the MFA device that is associated with the user who is making the GetSessionToken call. Specify it if the user has a policy that requires MFA authentication or leave it empty
6. Select the Source Account - an account for calling GetSessionToken. The GetSessionToken operation must be called by using the long-term AWS security credentials of the AWS account root user or an IAM user
7. Turn on the Use secure transfer (SSL/TLS) checkbox if you would like to encrypt all communications with the storage.
8. Click Add new account
You can now choose the newly added account from the accounts menu:Click Accounts -> Account Name to switch between accounts.
"S3 Browser is an invaluable tool to me as a web developer to easily manage my automated site backups" -Bob Kraft, Web Developer
"Just want to show my appreciation for a wonderful product. I use S3 Browser a lot, it is a great tool." -Gideon Kuijten, Pro User
"Thank You Thank You Thank You for this tool. A must have for anyone using S3!" -Brian Cummiskey, USA