download free 30 days trial version buy bucket explorer
Documentation  Download  Purchase  Support  FAQs   Forum   ScreenShots & Demos

How to make Amazon S3 Requests Using AWS Account or IAM User Credentials ?

To connect with Amazon S3, you have to send request using REST API because Amazon S3 is a REST Service. Bucket Explorer simplifies the use of complex REST API for its user.

To interact with Amazon S3, you first need to be authenticated or anonymous. The authenticated requester is verified by its signature value before accessing Amazon Web Service. The signature string is created from the AWS Secret Credentials of the requester.

Types of Security Credentials

The following types of Security Credentials allow you to make authenticated request.

  • AWS Account Security Credentials

  • IAM User Security Credentials

  • Temporary Security Credentials

 

AWS Account Security Credentials

It contains two strings; one is "Access Key ID" which is a 20 character alphanumeric long string and second is "Secret Access Key" which is a 40 character long alphanumeric string. The Access Key ID uniquely identifies an AWS account.

 

 

IAM User Security Credentials

This type of credentials is used when you want to work in a team. Then you can create a company's AWS account and in your company, you may have several employees who need access to your company resources. It is also possible that each employee has different access permission. In such cases, you need to use AWS Identity and Access Management (IAM) service to create user under the AWS Account Security Credentials. To manage user in better way, IAM allows you to create group of users and grant group level access permission that applies to all users of the group.

 

You can manage and create IAM User Security Credentials using Bucket Explorer Team Edition at http://team20.bucketexplorer.com . Here you do not need to worry about how to create user and group as well as what IAM User Policy needs to write to apply for the user. This site will do everything for you. You just have to select the option.

 

Temporary Security Credentials

This is an extension of IAM Security Credentials which means that IAM allows you to create a temporary security credentials for the user to access the AWS service and resources. These are also referred as IAM User. To create temporary security credentials, you need to use a token service, which is known as AWS Security Token Service (STS).

 

Where will you see your AWS Account Security Credentials?

You can view your Access Key ID and Secret Access Key when you create your AWS Account. This Security Credentials are not emailed to you. Whenever you need to view it, you have to go to http://aws.amazon.com and then click on Account tab and then click Security Credentials- here you will see your credentials details.

Authenticating Requests Using the REST API

When accessing Amazon S3 using REST and SOAP, you must provide the following items in your request so the request can be authenticated:

When you try to send authenticated request, you need to provide some important parameters within the request for either REST or SOAP.

The request parameters are:

  • AWS Access Key Id - It is a request to identify who is sending the request.
  • Signature - each request must have this to make the request valid; otherwise, the request will be rejected.
  • Time Stamp - this is the date and time of the request as per UTC
  • Date - Each request is also necessary to have the time stamp of the request.