8

i have aws access key and secret key with me. i wanted session token to be updated in aws credential file (~/.aws/credentials), how will i get it?

I want them to be generated in command line.

Rui F Ribeiro
  • 55,929
  • 26
  • 146
  • 227
Vandhana
  • 313
  • 1
  • 3
  • 10

3 Answers3

4
$aws sts get-session-token --duration-seconds 129600

Here 129600 can be any time you want to specify after which the keys will expire. This command will give the output like below.

{
   "Credentials": {
       "SecretAccessKey": "Sb5pXXXXXQY3/qPoL/jUjMyXXXXXuev/0j3vXs",
       "SessionToken": "FQoGZXIvYXdzENv//////////wEaDEeLj11xTbnBk6azRCKsAacCiJK85DSXExJ81GtHrkEyev8eedQcFY4EoM00PsD1FAEMOfzQclVEFsoh9Y4ZHUjgGmCPRUnYCLNc2NnHkadvmI+MT7jRRa1Mo2HA/HYStOOwEyfXFYG91MNj9rVXXXXXXXXA6+7FF6jcxj3cr1U9CDB9hjW+jGq4UgjxXXXXXXXCoIidDjl4Z911zIzP/Q+FYA1R2CUz5Y32EUaMzR+bQvmheUolLOq3wU=",
       "Expiration": "2018-11-14T21:29:56Z",
       "AccessKeyId": "ASIXXXXXXXXZ27X"
   }
}
uneq95
  • 103
  • 4
Vandhana
  • 313
  • 1
  • 3
  • 10
2

You don't.

AWS_SESSION_TOKEN is not used when you have IAM User access and secret keys.

It's only needed when you use IAM Role - either through Cross-account access, or EC2 instance role, etc.

MLu
  • 2,040
  • 1
  • 16
  • 28
  • Actually i want them to be used for a distcp command. so without session token its throwing error.. – Vandhana Nov 13 '18 at 03:35
  • The error is because you most likely have a session token set in you shell. Unset it and you'll be fine. – MLu Nov 13 '18 at 03:38
  • i am completely new to aws. how shd i do that? – Vandhana Nov 13 '18 at 03:39
  • @Vandhana run `env | grep ^AWS_` and update your question with the output. I'll tell you what's wrong then. Also - are you on EC2 instance or on your laptop? – MLu Nov 13 '18 at 03:39
  • EC2 instance means? i m working on a server provided for my project. and for the above command i didn't get any output :( – Vandhana Nov 13 '18 at 03:41
  • What is EC2 instance: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html – MLu Nov 13 '18 at 03:44
  • Actually the keys are provided to us from a 3rd party tool, to upload few files. they gave secret key, access key and s3 path. i see aws been installed in my server.for doint distcp from hadoop to aws, i am getting some error as session token is not provided. hope the abov information helps – Vandhana Nov 13 '18 at 03:47
  • https://stackoverflow.com/questions/53222825/aws-file-upload same as this question... but i dont see anyone answerd this :| – Vandhana Nov 13 '18 at 03:50
0

You can use get-session-token with below parameters.

  get-session-token
[--duration-seconds <value>]
[--serial-number <value>]
[--token-code <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

https://docs.aws.amazon.com/cli/latest/reference/sts/get-session-token.html

mannu
  • 1
  • 1