AWS STS - Temporary Access Tokens

June 15, 2025

Table of Contents

1. Generate Temporary Credentials
2. Set Environment Variables
3. Verify the environment variables

See also:

1. Generate Temporary Credentials

First, use the AWS STS (Security Token Service) to generate temporary credentials:

# 3600 x 5 = 18000 (5 hours)
aws sts get-session-token --duration-seconds 18000

This will return something like:

{
    "Credentials": {
        "AccessKeyId": "ASIA...",
        "SecretAccessKey": "...",
        "SessionToken": "...",
        "Expiration": "2025-06-13T..."
    }
}

2. Set Environment Variables

Then set these environment variables:

# Replace the values with your actual credentials from the previous step.
export AWS_ACCESS_KEY_ID="your_access_key"
export AWS_SECRET_ACCESS_KEY="your_secret_key"
export AWS_SESSION_TOKEN="your_session_token"
export AWS_DEFAULT_REGION="ap-southeast-2"  # Sydney region

3. Verify the environment variables

env | grep AWS

After setting these variables, try running your Python script again. The credentials will be automatically picked up by the AWS SDK.

See also:

AWS Credentials for CLI

AWS STS - Temporary Access Tokens

Amazon DynamoDB - Create a Table

Amazon DynamoDB - Import CSV Data

AWS Lambda - Create a Function

AWS Lambda - Grant Access

API Gateway - Usage Plan

API Gateway - API Key

API Gateway - Configuration