Class: AWS::STS::Client
- Inherits:
-
Core::Client
- Object
- Core::Client
- AWS::STS::Client
- Extended by:
- Core::Client::QueryXML
- Defined in:
- lib/aws/sts/client.rb
Overview
Client class for AWS Security Token Service (STS).
Constant Summary collapse
- API_VERSION =
'2011-06-15'
- REGION_US_E1 =
'sts.amazonaws.com'
Instance Attribute Summary
Attributes inherited from Core::Client
Instance Method Summary collapse
-
#get_federation_token(options = {}) ⇒ Core::Response
Calls the GetFederationToken API operation.
-
#get_session_token(options = {}) ⇒ Core::Response
Calls the GetSessionToken API operation.
-
#initialize(*args) ⇒ Client
constructor
A new instance of Client.
Methods inherited from Core::Client
#operations, #with_http_handler, #with_options
Constructor Details
#initialize(*args) ⇒ Client
Returns a new instance of Client.
29 30 31 32 33 34 35 36 |
# File 'lib/aws/sts/client.rb', line 29 def initialize *args super unless config.use_ssl? msg = 'AWS Security Token Service (STS) requires ssl but the ' + ':use_ssl option is set to false. Try passing :use_ssl => true' raise ArgumentError, msg end end |
Instance Method Details
#get_federation_token(options = {}) ⇒ Core::Response
Calls the GetFederationToken API operation.
Options:
-
:name
- required - (String) The name of the federated user associated with the credentials. For information about limitations on user names, go to Limitations on IAM Entities in Using AWS Identity and Access Management. -
:policy
- (String) A policy specifying the permissions to associate with the credentials. The caller can delegate their own permissions by specifying a policy, and both policies will be checked when a service call is made. For more information about how permissions work in the context of temporary credentials, see Controlling Permissions in Temporary Credentials in Using AWS Identity and Access Management. -
:duration_seconds
- (Integer) The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default.
Response Structure:
-
:credentials
- (Hash)-
:access_key_id
- (String) -
:secret_access_key
- (String) -
:session_token
- (String) -
:expiration
- (Time)
-
-
:federated_user
- (Hash)-
:federated_user_id
- (String) -
:arn
- (String)
-
-
:packed_policy_size
- (Integer)
74 |
# File 'lib/aws/sts/client.rb', line 74 define_client_method :get_federation_token, 'GetFederationToken' |
#get_session_token(options = {}) ⇒ Core::Response
Calls the GetSessionToken API operation.
Options:
-
:duration_seconds
- (Integer) The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour). -
:serial_number
- (String) The identification number of the Multi-Factor Authentication (MFA) device for the user. If the user has an access policy requiring MFA to access resources, provide the value here. The number is in the Security Credentials tab of the user’s details pane in the IAM console. If the user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value such as arn:aws:iam::123456789012:mfa/user for a virtual device or the device serial number for a hardware device. -
:token_code
- (String) The value provided by the MFA device. If the user has an access policy requiring an MFA code, provide the value here to get permission to resources as specified in the access policy. If MFA is required, and a code not provided while requesting a set of temporary security credentials, the user will receive an “access denied” response when requesting resources that require MFA. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.
Response Structure:
-
:credentials
- (Hash)-
:access_key_id
- (String) -
:secret_access_key
- (String) -
:session_token
- (String) -
:expiration
- (Time)
-
113 |
# File 'lib/aws/sts/client.rb', line 113 define_client_method :get_session_token, 'GetSessionToken' |