
How to pass credentials to AWS STS GetSessionToken

I wrote a JavaScript file manager to manage user files on an Amazon S3. It uses the AWS JavaScript API. Developed it using hard-coded IAM user credentials, and now for production want to use temporary credentials instead.

My plan is for our PHP server to generate the temp credentials from the IAM credentials, via AJAX callback from the JS code to PHP via STS GetSessionToken. Seems simple enough, but I can't seem to find any documentation on how to pass the IAM key/secret to GetSessionToken in the URL. The examples in the AWS docs all show something like:

https://sts.amazonaws.com/?Version=2011-06-15&Action=GetSessionToken&DurationSeconds=3600&AUTHPARAMS

Where I guess "AUTHPARAMS" is so obvious that I should not need any further explanation. But sadly, I do need further explanation. All I need from the PHP side of things is this one little call, so I didn't really want to install the whole AWS PHP SDK just for this. If I can just find out how to build the URL for this one call, then I can send it off via CURL and be all set. At least that was the plan.

Is there a way to call GetSessionToken directly via the REST API, and pass it the IAM key/secret, or is it really more complicated than that?

You need to learn about AWS API request signing. More specifics here. Note that AWS regions opened after January 30, 2014 require v4 signing, while earlier regions accept v2 or v4 signing.

Or just use the PHP SDK which makes it all much simpler.
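The v4 signing the answer refers to, applied to the GetSessionToken call from the question, as an added example that is not part of the original post or the AWS SDK. It assumes the global endpoint sts.amazonaws.com (signed for region us-east-1, service sts); the function name `sts_signed_request` and the fallback credentials are hypothetical placeholders.

```php
<?php
// Added example: build a Signature Version 4 signed GetSessionToken POST without the SDK.
// Assumption: global STS endpoint, which is signed as region us-east-1 / service sts.
function sts_signed_request(string $accessKey, string $secretKey, int $duration = 3600, ?int $now = null): array
{
    $host = 'sts.amazonaws.com';
    $region = 'us-east-1';
    $service = 'sts';
    $now = $now ?? time();
    $amzDate = gmdate('Ymd\THis\Z', $now);   // e.g. 20240101T120000Z
    $dateStamp = gmdate('Ymd', $now);

    // The action parameters travel in the POST body; the credentials never do.
    $body = http_build_query([
        'Action' => 'GetSessionToken',
        'Version' => '2011-06-15',
        'DurationSeconds' => $duration,
    ], '', '&');
    $contentType = 'application/x-www-form-urlencoded; charset=utf-8';

    // Step 1: canonical request (method, path, empty query string, headers, payload hash).
    $signedHeaders = 'content-type;host;x-amz-date';
    $canonicalHeaders = "content-type:$contentType\nhost:$host\nx-amz-date:$amzDate\n";
    $canonicalRequest = implode("\n", ['POST', '/', '', $canonicalHeaders, $signedHeaders, hash('sha256', $body)]);

    // Step 2: string to sign, bound to the date/region/service scope.
    $scope = "$dateStamp/$region/$service/aws4_request";
    $stringToSign = "AWS4-HMAC-SHA256\n$amzDate\n$scope\n" . hash('sha256', $canonicalRequest);

    // Step 3: derive the signing key with chained raw HMACs, then sign.
    $key = 'AWS4' . $secretKey;
    foreach ([$dateStamp, $region, $service, 'aws4_request'] as $part) {
        $key = hash_hmac('sha256', $part, $key, true);
    }
    $signature = hash_hmac('sha256', $stringToSign, $key);

    // This Authorization header is what "AUTHPARAMS" stands for in the docs' URL.
    return ['url' => "https://$host/", 'body' => $body, 'headers' => [
        "Content-Type: $contentType",
        "X-Amz-Date: $amzDate",
        "Authorization: AWS4-HMAC-SHA256 Credential=$accessKey/$scope, SignedHeaders=$signedHeaders, Signature=$signature",
    ]];
}

// Constructed placeholder credentials; real ones come from server-side configuration.
$req = sts_signed_request(getenv('AWS_ACCESS_KEY_ID') ?: 'AKIDEXAMPLE', getenv('AWS_SECRET_ACCESS_KEY') ?: 'constructed-secret');
print_r($req);
// To send: pass $req['body'] as CURLOPT_POSTFIELDS and $req['headers'] as CURLOPT_HTTPHEADER.
```

The XML response carries the temporary AccessKeyId, SecretAccessKey, SessionToken and Expiration; only those values go back to the browser, while the IAM secret stays on the PHP server.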
