Blog Articles
Read MSP360’s latest news and expert articles about MSP business and technology
CloudBerry Explorer featured image

Assuming an IAM Role via CloudBerry Explorer

Assuming an IAM Role via CloudBerry Explorer

CloudBerry Explorer enables users to authenticate to Amazon S3 using regular credentials. Taking things further, we've implemented support for IAM roles in the latest iteration of CloudBerry Explorer — release 5.0.5. In this article, we talk about how this mechanism functions and how to assume a role in Explorer.

Introduction

Amazon has an extremely versatile authentication mechanism. That is to say, apart from regular cloud credentials, Amazon allows to create the so-called IAM roles. An IAM role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. Here how a created role looks in the AWS Console:

Create role AWS Console

Now let's see how you can assume the aforementioned role in CloudBerry Explorer. But before we begin, ensure that your CloudBerry Explorer is already authenticated to S3 using credentials of the user that's been assigned to the role you're trying to assume.

FREE WHITEPAPER
Mastering AWS IAM for Amazon S3
Learn how to effectively manage the security of your Amazon S3 account to protect your and your clients' data
New call-to-action
WP icon

Role assumption

Assuming a role in CloudBerry Explorer is no more complicated than adding a few strings in the settings file. You can navigate to the file by going to C:\Users\yourUserName\AppData\Local\CloudBerryLab\CloudBerry Explorer for Amazon S3 in Windows Explorer. Alternatively, you can locate the file via CloudBerry Explorer itself. Under Tools, click Diagnostic.

Role assumption

Click Open in Folder.

Diagnostic tab

Open the settings.list file and add the following attributes to your S3 account (placed between <Settings> and </Settings>):

  • <AssumedRoleARN>arn:aws:iam::YourAccountNumber:role/RoleName</AssumedRoleARN>
  •  <AssumedRoleExternalId>ExternalId</AssumedRoleExternalId>

Open in Folder

The values for the attributes can be fetched from the AWS Console.

AWS Console

Having done so, save the file and relaunch CloudBerry Explorer. Upon launching your role should be automatically assumed, and the permissions will be set in accordance with your role.

CloudBerry Explorer for Amazon S3
  • File management in Amazon S3 and S3-compatible storage
  • Encryption and compression
  • IAM and security management
New call-to-action
Explorer icon