Using an assume role for Amazon S3 resources in Informatica Cloud Data Integration

Using an assume role for Amazon S3 resources in Informatica Cloud Data Integration

Accessing AWS using the connector

Accessing AWS using the connector

The connector uses the following process to interact with the AWS Security Token Service (STS) to generate temporary session credentials by using an assume role:
Assume Role for AWS
  1. The connector establishes a connection with the AWS Security Token Service (STS) using the permanent access key and secret key from Cloud Data Integration. These keys have limited permission to create the IAM roles.
  2. AWS Security Token Service (STS) validates the IAM user and provides the temporary credentials with permissions of the IAM role assumed by an IAM user. The AWS STS API response to the connector includes the temporary security credentials.
  3. The connector uses the temporary security credentials to call the Amazon API operations and gains access to Amazon S3 resources.

0 COMMENTS

We’d like to hear from you!