Class: AWS::STS::Client

Inherits:

Core::Client

• Object
• Core::Client
• AWS::STS::Client

Extended by:

Core::Client::QueryXML

Defined in:

lib/aws/sts/client.rb

Overview

Client class for AWS Security Token Service (STS).

Constant Summary

API_VERSION =

'2011-06-15'

REGION_US_E1 =

'sts.amazonaws.com'

CACHEABLE_REQUESTS =

Set[]

Instance Attribute Summary

Attributes inherited from Core::Client

#config, #endpoint, #port, #service_ruby_name, #signer

Instance Method Summary

• #get_federation_token(options = {}) ⇒ Core::Response

  Calls the GetFederationToken API operation.

• #get_session_token(options = {}) ⇒ Core::Response

  Calls the GetSessionToken API operation.

• #initialize(*args) ⇒ Client constructor

  A new instance of Client.

Methods included from Core::Client::QueryXML

extended, option_parsers, xml_parsers

Methods inherited from Core::Client

#new_stub_for, #operations, #stub_for, #with_config, #with_http_handler, #with_options

Methods included from Core::Naming

#service_name, #service_ruby_name

Constructor Details

#initialize(*args) ⇒ Client

Returns a new instance of Client.

# File 'lib/aws/sts/client.rb', line 29

def initialize *args
  super
  unless config.use_ssl?
    msg = 'AWS Security Token Service (STS) requires ssl but the ' + 
      ':use_ssl option is set to false.  Try passing :use_ssl => true'
    raise ArgumentError, msg
  end
end

Instance Method Details

#get_federation_token(options = {}) ⇒ Core::Response

Calls the GetFederationToken API operation.

Options:

• :name - required - (String) The name of the federated user associated with the credentials. For information about limitations on user names, go to Limitations on IAM Entities in Using AWS Identity and Access Management.

• :policy - (String) A policy specifying the permissions to associate with the credentials. The caller can delegate their own permissions by specifying a policy, and both policies will be checked when a service call is made. For more information about how permissions work in the context of temporary credentials, see Controlling Permissions in Temporary Credentials in Using AWS Identity and Access Management.

• :duration_seconds - (Integer) The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default.

Response Structure:

• :credentials - (Hash)

  • :access_key_id - (String)

  • :secret_access_key - (String)

  • :session_token - (String)

  • :expiration - (Time)

• :federated_user - (Hash)

  • :federated_user_id - (String)

  • :arn - (String)

• :packed_policy_size - (Integer)

Returns:

• (Core::Response)

# File 'lib/aws/sts/client.rb', line 74

define_client_method :get_federation_token, 'GetFederationToken'

#get_session_token(options = {}) ⇒ Core::Response

Calls the GetSessionToken API operation.

Options:

• :duration_seconds - (Integer) The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

• :serial_number - (String)

• :token_code - (String)

Response Structure:

• :credentials - (Hash)

  • :access_key_id - (String)

  • :secret_access_key - (String)

  • :session_token - (String)

  • :expiration - (Time)

Returns:

• (Core::Response)

# File 'lib/aws/sts/client.rb', line 99

define_client_method :get_session_token, 'GetSessionToken'