I have two AWS accounts, Account A, Account B
On Account B there is IAM Role with trust relationship to account A and S3FullAccess policy.
On Account A I have IAM user configured with access key and secret key, this IAM user has policy with assume role to the role created on Account B.
Meaning, the user on Account A has full access to S3 resources on Account B.
When I configure the access and secret keys on my local pc on ~/.aws/credentials and configure the arn_role of the role created on account B on ~/.aws/config, I have access to all S3 resources on Account B from AWS CLI.
I am using Cyberduck to create Presigned URLs and I want to create the Presigned URLs using the configuration I specified here.
I want to have access using the cross account role on Cyberduck, as I specified.
I this feature exists? alternate options are welcome.
It should be possible using the S3 (Credentials from AWS Security Token Service) profile from Connecting using AssumeRole from AWS Security Token Service (STS).