aws-config/aws.sdk.kotlin.runtime.auth.credentials/AssumeRoleWithWebIdentityParameters/AssumeRoleWithWebIdentityParameters

AssumeRoleWithWebIdentityParameters

constructor(roleArn: String, webIdentityTokenFilePath: String, roleSessionName: String? = null, duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, providerId: String? = null, policyArns: List<String>? = null, policy: String? = null)

Parameters

roleArn

The ARN of the target role to assume, e.g. arn:aws:iam:123456789:role/example

webIdentityTokenFilePath

The path to the file containing a JWT token

roleSessionName

The name to associate with the session. Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also in the ARN of the assumed role principal.

duration

The expiry duration of the credentials. Defaults to 15 minutes if not set.

providerId

The fully qualified host component of the domain name of the OAuth 2.0 identity provider

policyArns

The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies

policy

An IAM policy in JSON format that you want to use as an inline session policy

© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved. Generated by dokka