sts: AWS Security Token Service

Description

Security Token Service

Security Token Service (STS) enables you to request temporary, limited-privilege credentials for users. This guide provides descriptions of the STS API. For more information about using this service, see Temporary Security Credentials.

Usage

sts(config = list(), credentials = list(), endpoint = NULL, region = NULL)

Value

A client for the service. You can call the service's operations using syntax like svc$operation(...), where svc is the name you've assigned to the client. The available operations are listed in the Operations section.

Arguments

config

Optional configuration of credentials, endpoint, and/or region.

credentials:
- creds:
  - access_key_id: AWS access key ID
  - secret_access_key: AWS secret access key
  - session_token: AWS temporary session token
- profile: The name of a profile to use. If not given, then the default profile is used.
- anonymous: Set anonymous credentials.
endpoint: The complete URL to use for the constructed client.
region: The AWS Region used in instantiating the client.
close_connection: Immediately close all HTTP connections.
timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.
s3_force_path_style: Set this to true to force the request to use path-style addressing, i.e. http://s3.amazonaws.com/BUCKET/KEY.
sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html

credentials

Optional credentials shorthand for the config parameter

creds:
- access_key_id: AWS access key ID
- secret_access_key: AWS secret access key
- session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.

endpoint

Optional shorthand for complete URL to use for the constructed client.

region

Optional shorthand for AWS Region used in instantiating the client.

Service syntax

svc <- sts(
  config = list(
    credentials = list(
      creds = list(
        access_key_id = "string",
        secret_access_key = "string",
        session_token = "string"
      ),
      profile = "string",
      anonymous = "logical"
    ),
    endpoint = "string",
    region = "string",
    close_connection = "logical",
    timeout = "numeric",
    s3_force_path_style = "logical",
    sts_regional_endpoint = "string"
  ),
  credentials = list(
    creds = list(
      access_key_id = "string",
      secret_access_key = "string",
      session_token = "string"
    ),
    profile = "string",
    anonymous = "logical"
  ),
  endpoint = "string",
  region = "string"
)

Operations

assume_role	Returns a set of temporary security credentials that you can use to access Amazon Web Services resources
assume_role_with_saml	Returns a set of temporary security credentials for users who have been authenticated via a SAML authentication response
assume_role_with_web_identity	Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider
decode_authorization_message	Decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request
get_access_key_info	Returns the account identifier for the specified access key ID
get_caller_identity	Returns details about the IAM user or role whose credentials are used to call the operation
get_federation_token	Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user
get_session_token	Returns a set of temporary credentials for an Amazon Web Services account or IAM user

Examples

Run this code

if (FALSE) {
svc <- sts()
# 
svc$assume_role(
  ExternalId = "123ABC",
  Policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"A...",
  RoleArn = "arn:aws:iam::123456789012:role/demo",
  RoleSessionName = "testAssumeRoleSession",
  Tags = list(
    list(
      Key = "Project",
      Value = "Unicorn"
    ),
    list(
      Key = "Team",
      Value = "Automation"
    ),
    list(
      Key = "Cost-Center",
      Value = "12345"
    )
  ),
  TransitiveTagKeys = list(
    "Project",
    "Cost-Center"
  )
)
}

Run the code above in your browser using DataLab