aws-config/aws.sdk.kotlin.runtime.auth.credentials/AssumeRoleWithWebIdentityParameters

AssumeRoleWithWebIdentityParameters

class AssumeRoleWithWebIdentityParameters(val roleArn: String, val webIdentityTokenFilePath: String, val roleSessionName: String? = null, val duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, val providerId: String? = null, val policyArns: List<String>? = null, val policy: String? = null)

Parameters passed to an AssumeRoleWithWebIdentity call

Parameters

roleArn

The ARN of the target role to assume, e.g. arn:aws:iam:123456789:role/example

webIdentityTokenFilePath

The path to the file containing a JWT token

roleSessionName

The name to associate with the session. Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also in the ARN of the assumed role principal.

duration

The expiry duration of the credentials. Defaults to 15 minutes if not set.

providerId

The fully qualified host component of the domain name of the OAuth 2.0 identity provider

policyArns

The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies

policy

An IAM policy in JSON format that you want to use as an inline session policy

Constructors

Link copied to clipboard
constructor(roleArn: String, webIdentityTokenFilePath: String, roleSessionName: String? = null, duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, providerId: String? = null, policyArns: List<String>? = null, policy: String? = null)

Properties

Link copied to clipboard
Link copied to clipboard
val policy: String? = null
Link copied to clipboard
val policyArns: List<String>? = null
Link copied to clipboard
val providerId: String? = null
Link copied to clipboard
Link copied to clipboard
val roleSessionName: String? = null
Link copied to clipboard