aws-config/aws.sdk.kotlin.runtime.auth.credentials/AssumeRoleParameters/AssumeRoleParameters

AssumeRoleParameters

constructor(roleArn: String, roleSessionName: String? = null, externalId: String? = null, duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, policyArns: List<String>? = null, policy: String? = null, tags: Map<String, String>? = null, transitiveTagKeys: List<String>? = null, serialNumber: String? = null, tokenCode: String? = null, sourceIdentity: String? = null)

Parameters

roleArn

The ARN of the target role to assume, e.g. arn:aws:iam:123456789:role/example

roleSessionName

The name to associate with the session. Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also in the ARN of the assumed role principal.

externalId

A unique identifier that might be required when you assume a role in another account. If the administrator of the account to which the role belongs provided you with an external ID, then provide that value in this parameter.

duration

The expiry duration of the STS credentials. Defaults to 15 minutes if not set.

policyArns

The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies

policy

An IAM policy in JSON format that you want to use as an inline session policy

tags

A list of session tags that you want to pass

transitiveTagKeys

A list of keys for session tags that you want to set as transitive

serialNumber

The identification number of the MFA device that is associated with the user who is making the AssumeRole call

tokenCode

The value provided by the MFA device, if the trust policy of the role being assumed requires MFA

sourceIdentity

The source identity specified by the principal that is calling the AssumeRole operation