sts/aws.sdk.kotlin.services.sts

Package-level declarations

Types

Security Token Service (STS) enables you to request temporary, limited-privilege credentials for users. This guide provides descriptions of the STS API. For more information about using this service, see Temporary Security Credentials.

Properties

SdkVersion

const val SdkVersion: String

ServiceApiVersion

const val ServiceApiVersion: String

ServiceId

const val ServiceId: String

Inherited functions

assumeRole

inline suspend fun StsClient.assumeRole(crossinline block: AssumeRoleRequest.Builder.() -> Unit): AssumeRoleResponse

Returns a set of temporary security credentials that you can use to access Amazon Web Services resources. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use AssumeRole within your account or for cross-account access. For a comparison of AssumeRole with other API operations that produce temporary credentials, see Requesting Temporary Security Credentials and Compare STS credentials in the IAM User Guide.

assumeRoleWithSaml

inline suspend fun StsClient.assumeRoleWithSaml(crossinline block: AssumeRoleWithSamlRequest.Builder.() -> Unit): AssumeRoleWithSamlResponse

Returns a set of temporary security credentials for users who have been authenticated via a SAML authentication response. This operation provides a mechanism for tying an enterprise identity store or directory to role-based Amazon Web Services access without user-specific credentials or configuration. For a comparison of AssumeRoleWithSAML with the other API operations that produce temporary credentials, see Requesting Temporary Security Credentials and Compare STS credentials in the IAM User Guide.

assumeRoleWithWebIdentity

inline suspend fun StsClient.assumeRoleWithWebIdentity(crossinline block: AssumeRoleWithWebIdentityRequest.Builder.() -> Unit): AssumeRoleWithWebIdentityResponse

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider. Example providers include the OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID Connect-compatible identity provider such as Google or Amazon Cognito federated identities.

assumeRoot

inline suspend fun StsClient.assumeRoot(crossinline block: AssumeRootRequest.Builder.() -> Unit): AssumeRootResponse

Returns a set of short term credentials you can use to perform privileged tasks on a member account in your organization.

decodeAuthorizationMessage

inline suspend fun StsClient.decodeAuthorizationMessage(crossinline block: DecodeAuthorizationMessageRequest.Builder.() -> Unit): DecodeAuthorizationMessageResponse

Decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request.

getAccessKeyInfo

inline suspend fun StsClient.getAccessKeyInfo(crossinline block: GetAccessKeyInfoRequest.Builder.() -> Unit): GetAccessKeyInfoResponse

Returns the account identifier for the specified access key ID.

getCallerIdentity

inline suspend fun StsClient.getCallerIdentity(crossinline block: GetCallerIdentityRequest.Builder.() -> Unit): GetCallerIdentityResponse

Returns details about the IAM user or role whose credentials are used to call the operation.

getFederationToken

inline suspend fun StsClient.getFederationToken(crossinline block: GetFederationTokenRequest.Builder.() -> Unit): GetFederationTokenResponse

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user. A typical use is in a proxy application that gets temporary security credentials on behalf of distributed applications inside a corporate network.

getSessionToken

inline suspend fun StsClient.getSessionToken(crossinline block: GetSessionTokenRequest.Builder.() -> Unit): GetSessionTokenResponse

Returns a set of temporary credentials for an Amazon Web Services account or IAM user. The credentials consist of an access key ID, a secret access key, and a security token. Typically, you use GetSessionToken if you want to use MFA to protect programmatic calls to specific Amazon Web Services API operations like Amazon EC2 StopInstances.

withConfig

fun StsClient.withConfig(block: StsClient.Config.Builder.() -> Unit): StsClient

Create a copy of the client with one or more configuration values overridden. This method allows the caller to perform scoped config overrides for one or more client operations.