AWS Assume Role

Overview

This plugin allows users to connect with AWS to provide trusted users with temporary security credentials that grant access to other AWS resources.

Key Features & Functionality

The Amazon S3 Utilities Plug-in utilizes the Amazon AWS Java API to establish a connection with Amazon STS for retrieving temporary credentials.

The Appian Secure Credential Store is employed to manage the credentials necessary for integration with Amazon STS. Before executing the plug-in, create a new secure credential store with the following two attributes. Obtain these values from the Amazon AWS IAM console:

accesskeyid: This is the access key ID required for connecting to AWS S3.
accesskeysecret: This is the access key secret used for connecting to AWS S3.

To set up the roleARN, you will need to create it in the AWS IAM Console. Additionally, the user you are using for the accesskeyid and accesskeysecret must have the appropriate permissions to assume the role. Instructions on how to do this can be found in the links below.

Creating a role to delegate permissions to an IAM user - (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html)

Granting users permission to assume an IAM role - (https://docs.aws.amazon.com/workdocs/latest/developerguide/wd-iam-grantdev.html)

Anonymous
Parents Comment Children
No Data