Refreshing AWS STS credentials


I’m trying to use rclone to copy over a lot of data from a local filesystem to S3.
However, I can only get AWS credentials via vault/STS, which means they expire after one hour.

And jobs can easily take longer than that, which causes rclone to keep trying and endlessly gets errors back once the credentals have expired.

Is there a way to refresh AWS credentials periodically? I’m currently passing them via environment variables.

Alternatively, is it possible to at least have rclone exit once the credentials have expired?

Is getting the credentials something rclone should do? I don’t know anything about vault/STS!

At the moment rclone expects S3 credentials to be valid forever.

That is certainly do-able provided the messages given from Amazon are identifiable enough. We could turn those error messages into Fatal error message which will cause rclone to stop rather than keep retrying.

Do you have an example of what rclone logs when it fails?