Specifies the type of authentication to use when connecting to Amazon S3. If this property is left blank, the default authentication is used.

Syntax

Connect-AmazonS3 -AuthScheme string

Possible Values

ADFS, AwsRootKeys, AwsIAMRoles, AwsEC2Roles, AwsWebIdentity, AwsCredentialsFile, Okta, Keycloak, TemporaryCredentials, PingFederate, AwsCognitoBasic, AwsCognitoSrp

Data Type

cstr

Default Value

"AwsRootKeys"

Remarks

• TemporaryCredentials: Authenticate using temporary security credentials alongside a session token.
• AwsRootKeys: Authenticate using the root user access key and secret, to test something quickly. (Production use cases are encouraged to use something with narrowed permissions.)
• AwsIAMRoles: Authenticate using IAM Roles.
• AwsEC2Roles: Automatically use IAM Roles assigned to the EC2 machine where cmdlet is currently running.
• Okta: Set to use a single sign on connection with OKTA as the identity provider.
• ADFS: Set to use a single sign on connection with ADFS as the identity provider.
• PingFederate: Set to use a single sign on connection with PingFederate as the identity provider.
• AwsCredentialsFile: Set to use a credential file for authentication.
• AwsCognitoSrp: Set to use Cognito based authentication. This is recommended over AwsCognitoBasic because this option does NOT send the password to the server for authentication, instead it uses the SRP protocol.
• AwsCognitoBasic: Set to use Cognito based authentication.