27 August 2020

External ID for S3 Assume Role

External ID for the S3 Assume Role for a media source and output destination now should be configured for an account. Now it can't be specified in the URL.

<?xml version="1.0"?>
<query>
    <userid><<id>></userid> <!-- required-->
    <userkey><<key>></userkey> <!-- required-->
    <action>[Action]</action> <!-- required-->
    <source>http://[bucket].s3.amazonaws.com/[filename]?assume_role=[AssumedRoleUser]</source> <!-- required-->
    <format>
        <output>http://[bucket].s3.amazonaws.com/[filename]?assume_role=[AssumedRoleUser]</output> <!-- required-->
        <destination>[DestinationPath]</destination>
    </format>
</query>

{
    "query": {
        "userid": "<<id>>", // required
        "userkey": "<<key>>", // required
        "action": "[Action]", // required
        "source": "http://[bucket].s3.amazonaws.com/[filename]?assume_role=[AssumedRoleUser]", // required
        "format": {
            "output": "[OutputFormat]", // required
            "destination": "http://[bucket].s3.amazonaws.com/[filename]?assume_role=[AssumedRoleUser]"
        }
    }
}

🚧
For Assume Role
You can use ExternalID when accessing your S3 using AssumeRole.
To do that, please visit Account page in the UI, in the section "AWS Assume Role External ID" generate new External ID or copy existing one, and then set up your AssumeRole policy so that it requires ExternalID.

External ID for S3 Assume Role

🚧For Assume Role

🚧
For Assume Role