# Amazon S3 with IAM Role

ExpanDrive connects to Amazon S3 using temporary security credentials issued via [AWS Security Token Service (STS)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).

For this workflow, you provide the keys to authenticate as a user who can assume a role that has access to your bucket. ExpanDrive uses STS to get temporary credentials for the role that can access the S3 bucket. If the role is configured for MFA, ExpanDrive prompts you for the one-time password and supplies the MFA information to STS. With the temporary credentials in hand, ExpanDrive provides access to the S3 bucket.

This is a more secure alternative to long-term access keys. It supports IAM roles, MFA enforcement, and short-lived credentials that automatically expire.

## Connection Parameters

Connecting to S3 using temporary security credentials uses many of the same connection parameters as a [conventional S3 connection](/integrations/amazon-s3.md). The server, custom region, nickname, and bucket behave exactly the same.

### Access Key

This is the access key of the user who has permission to assume a role via STS.

### Secret Key

The secret key for the user who can assume a role via STS.

### STS Endpoint

The endpoint for AWS STS. Use <https://sts.amazonaws.com>.

### IAM Role

The Amazon Resource Name (ARN) of the role to assume. This role must grant access to the target S3 bucket.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.expandrive.com/integrations/amazon-s3/amazon-s3-with-iam-role.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.