duplicity-team team mailing list archive

Thread
Date

[Question #632253]: Support for S3 saml federated authentication (token)

To: duplicity-team@xxxxxxxxxxxxxxxxxxx
From: stepedro83 <question632253@xxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 12 May 2017 15:27:57 -0000
Reply-to: question632253@xxxxxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

New question #632253 on Duplicity:
https://answers.launchpad.net/duplicity/+question/632253

Hi!

I would like to use duplicity to S3 in an active directory environment and leverage the federated temporary authentication as described here: https://aws.amazon.com/it/blogs/security/how-to-implement-federated-api-and-cli-access-using-saml-2-0-and-ad-fs/

In our company we have a python script to generate the temporary credentials.

I have 2 questions:

1) is there a way to have duplicity authenticating using the session token?
saml.aws_access_key_id
saml.aws_secret_access_key
saml.aws_session_token

2) considering a (common) case when the token last for 1h and duplicity job run longer, is there a way to refresh those credentials without having the job to fail?


As I see, duplicity would need to re-invoke the federated authentication scripts every time expires.


Thanks!




-- 
You received this question notification because your team duplicity-team
is an answer contact for Duplicity.