In this blog, we will show you the steps to create and secure Temporary session keys in AWS IAM.
REQUIREMENTS
- AWS Subscription.
ENVIRONMENT OVERVIEW
- For demo purpose, we have created a new IAM user with full administrative access.
Note: We are using windows environment for the demo purpose
- We can able to create the temporary session key using the AWS CLI interface. Please use this link https://docs.aws.amazon.com/cli/latest/userguide/install-windows.html to install AWS CLI on windows.
- Before, creating the session key, make sure that you have a configured IAM account.
- By Default, AWS CLI configure will be stored in C:\Users\<user account>\.aws folder.
CREATING TEMPORARY SESSION KEY
- We can able to generate temporary credentials using the above access and secret key. To do that, type the below command.
aws sts get-session-token
- Now you received a new access key, secret key and session token to perform all the operations which your primary user does. The difference between the temporary and long term key is the expiration date.
- So these temporary keys will expire after a certain duration of time. But your primary user key will not expire until you explicitly disable it.
- For more information about the session token, please check the URL https://docs.aws.amazon.com/cli/latest/reference/sts/get-session-token.html.
Thanks for reading this blog. We hope this was useful for you to know about the steps to create and secure temporary session keys in AWS IAM
Loges