eRoleWithWebIdentity\",\"Condition\":\{\"StringEquals\":\{\"
> mykeycloak.org.com/auth/realms/myrealm:clientId\
> <http://mykeycloak.org.com/auth/realms/myrealm:clientId/>
> ":\"radosgw\"\}\}\}\]\}
>
> Is this not correct?
>
> T
t;\}\}\}\]\}
>
> Is this not correct?
>
> To call the AssumeRoleWithWebIdentity I used curl:
>
> curl -k -v -X GET "
> http://X.X.X.X:423/?Action=AssumeRoleWithWebIdentity&DurationSeconds=3600&RoleArn=
> arn:aws:iam:::role/S3Access &WebIdentityToken=XXX"
tionSeconds=3600&RoleArn= arn:aws:iam:::role/S3Access
> &WebIdentityToken=XXX"
>
>
> Best
> Simone
>
> -Messaggio originale-
> Da: Pritha Srivastava
> Inviato: mercoledì 16 marzo 2022 11:11
> A: simone.becc...@staff.aruba.it
> Cc: ceph
Hi Simone,
There is a step that I see missing here - have you created a role? For
creating a role, you need to attach 'roles' caps to the user that you
created.
Also, what tool have you used to make the AssumeRoleWithWebIdentity call?
An example using boto3 is outlined in the documentation here:
h
