Knime and Amazon S3 Connection with AWS Session token


we have temporary access to S3 specifiied in $HOME/.aws/credentials by 

aws_access_key_id = .....

aws_secret_access_key = ......

aws_session_token = ...................................

Accessing a bucket via aws s3 ls bucket works


I defined a Amazon S3 connection within Knime and specified to use the "default credentials provider chan" 

but this fails with Access Denied (403)


How can I configure Knime to use the aws_session_token ?


Thank you 


We want to add some information to this....
The try with "default credentials provider chain"  was already described

Whenever we trying the Access Key Id and Secret Key we are also failing because it seems, that Knime take the key id as part of the S3 bucket address...

s3://<AccessKeyId>@eu-central-1 fails

Any ideas on that ?

I am also trying to connect to an S3 resource using my credentials that are protected by multi-factor authentication. It seems important that the Amazon S3 Connection node support MFA.


If you select the Default Credential Provider Chain local ENV variables or the credentials file should work. Looking into the aws-sdk-java, session tokens should be supported too, but i have not tested it so far. Do you use IAM roles?

This is only the representation inside of KNIME. What Node do you use access S3 after the S3 Connection node?

This should work with the Default Credentials Provider Chain. Can you test this with ENV variables (AWS_ACCESS_KEY_ID, AWS_SECRET_KEY and AWS_SESSION_TOKEN)?

1 Like

This sounds great! I will try again on Monday.