Documentation ¶
Index ¶
- Constants
- type AssumeRoleRequest
- type AssumeRoleRequestParams
- type AssumeRoleResponse
- type AssumeRoleResponseParams
- type AssumeRoleWithSAMLRequest
- type AssumeRoleWithSAMLRequestParams
- type AssumeRoleWithSAMLResponse
- type AssumeRoleWithSAMLResponseParams
- type AssumeRoleWithWebIdentityRequest
- type AssumeRoleWithWebIdentityRequestParams
- type AssumeRoleWithWebIdentityResponse
- type AssumeRoleWithWebIdentityResponseParams
- type Client
- func (c *Client) AssumeRole(request *AssumeRoleRequest) (response *AssumeRoleResponse, err error)
- func (c *Client) AssumeRoleWithContext(ctx context.Context, request *AssumeRoleRequest) (response *AssumeRoleResponse, err error)
- func (c *Client) AssumeRoleWithSAML(request *AssumeRoleWithSAMLRequest) (response *AssumeRoleWithSAMLResponse, err error)
- func (c *Client) AssumeRoleWithSAMLWithContext(ctx context.Context, request *AssumeRoleWithSAMLRequest) (response *AssumeRoleWithSAMLResponse, err error)
- func (c *Client) AssumeRoleWithWebIdentity(request *AssumeRoleWithWebIdentityRequest) (response *AssumeRoleWithWebIdentityResponse, err error)
- func (c *Client) AssumeRoleWithWebIdentityWithContext(ctx context.Context, request *AssumeRoleWithWebIdentityRequest) (response *AssumeRoleWithWebIdentityResponse, err error)
- func (c *Client) GetCallerIdentity(request *GetCallerIdentityRequest) (response *GetCallerIdentityResponse, err error)
- func (c *Client) GetCallerIdentityWithContext(ctx context.Context, request *GetCallerIdentityRequest) (response *GetCallerIdentityResponse, err error)
- func (c *Client) GetFederationToken(request *GetFederationTokenRequest) (response *GetFederationTokenResponse, err error)
- func (c *Client) GetFederationTokenWithContext(ctx context.Context, request *GetFederationTokenRequest) (response *GetFederationTokenResponse, err error)
- type Credentials
- type GetCallerIdentityRequest
- type GetCallerIdentityRequestParams
- type GetCallerIdentityResponse
- type GetCallerIdentityResponseParams
- type GetFederationTokenRequest
- type GetFederationTokenRequestParams
- type GetFederationTokenResponse
- type GetFederationTokenResponseParams
- type Tag
Constants ¶
const ( // Invalid key. AUTHFAILURE_ACCESSKEYILLEGAL = "AuthFailure.AccessKeyIllegal" // Database error. INTERNALERROR_DBERROR = "InternalError.DbError" // Encryption failed. INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" // Failed to get the `appid`. INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" // Failed to get the role. INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" // Failed to obtain the token. INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" // Invalid role. INTERNALERROR_ILLEGALROLE = "InternalError.IllegalRole" // pb packaging failed. INTERNALERROR_PBSERIALIZEERROR = "InternalError.PbSerializeError" // Internal system error, such as network error. INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" // Unknown error. INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" // This type of key is not supported. INVALIDPARAMETER_ACCESSKEYNOTSUPPORT = "InvalidParameter.AccessKeyNotSupport" // The account does not exist or is unavailable. INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" // The extension policy is too large. INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" // Unauthorized access to the resource. INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" // Frequency limit exceeded. INVALIDPARAMETER_OVERLIMIT = "InvalidParameter.OverLimit" // The expiration time exceeds the threshold. INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" // Invalid parameter. INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" // The policy is too long. INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" // Six-segment resource description error. INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" // Policy syntax error. INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" // Invalid policy. INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" // Invalid temporary code. INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" // WebIdentityToken parameter error INVALIDPARAMETER_WEBIDENTITYTOKENERROR = "InvalidParameter.WebIdentityTokenError" // The role corresponding to the account does not exist. RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" // Unauthorized operation. UNAUTHORIZEDOPERATION = "UnauthorizedOperation" // Unsupported operation. UNSUPPORTEDOPERATION = "UnsupportedOperation" )
const APIVersion = "2018-08-13"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AssumeRoleRequest ¶
type AssumeRoleRequest struct { *tchttp.BaseRequest // Resource descriptions of a role, which can be obtained by clicking the role name in the [CAM console](https://console.cloud.tencent.com/cam/role). // General role: // qcs::cam::uin/12345678:role/4611686018427397919, qcs::cam::uin/12345678:roleName/testRoleName // Service role: // qcs::cam::uin/12345678:role/tencentcloudServiceRole/4611686018427397920, qcs::cam::uin/12345678:role/tencentcloudServiceRoleName/testServiceRoleName RoleArn *string `json:"RoleArn,omitempty" name:"RoleArn"` // User-defined temporary session name. // It can contain 2-128 letters, digits, and symbols (=,.@_-). Regex: [\w+=,.@_-]* RoleSessionName *string `json:"RoleSessionName,omitempty" name:"RoleSessionName"` // Specifies the validity period of credentials in seconds. Default value: 7200. Maximum value: 43200 DurationSeconds *uint64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` // Policy description // Note: // 1. The policy needs to be URL-encoded (if you request a TencentCloud API through the GET method, all parameters must be URL-encoded again in accordance with [Signature v3](https://intl.cloud.tencent.com/document/api/598/33159?from_cn_redirect=1#1.-.E6.8B.BC.E6.8E.A5.E8.A7.84.E8.8C.83.E8.AF.B7.E6.B1.82.E4.B8.B2) before the request is sent). // 2. For the policy syntax, please see CAM's [Syntax Logic](https://intl.cloud.tencent.com/document/product/598/10603?from_cn_redirect=1). // 3. The policy cannot contain the `principal` element. Policy *string `json:"Policy,omitempty" name:"Policy"` // External role ID, which can be obtained by clicking the role name in the [CAM console](https://console.cloud.tencent.com/cam/role). // It can contain 2-128 letters, digits, and symbols (=,.@:/-). Regex: [\w+=,.@:\/-]* ExternalId *string `json:"ExternalId,omitempty" name:"ExternalId"` // List of session tags. Up to 50 tags are allowed. The tag keys can not duplicate. Tags []*Tag `json:"Tags,omitempty" name:"Tags"` // UIN of the initiator SourceIdentity *string `json:"SourceIdentity,omitempty" name:"SourceIdentity"` }
func NewAssumeRoleRequest ¶
func NewAssumeRoleRequest() (request *AssumeRoleRequest)
func (*AssumeRoleRequest) FromJsonString ¶
func (r *AssumeRoleRequest) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*AssumeRoleRequest) ToJsonString ¶
func (r *AssumeRoleRequest) ToJsonString() string
type AssumeRoleRequestParams ¶
type AssumeRoleRequestParams struct { // Resource descriptions of a role, which can be obtained by clicking the role name in the [CAM console](https://console.cloud.tencent.com/cam/role). // General role: // qcs::cam::uin/12345678:role/4611686018427397919, qcs::cam::uin/12345678:roleName/testRoleName // Service role: // qcs::cam::uin/12345678:role/tencentcloudServiceRole/4611686018427397920, qcs::cam::uin/12345678:role/tencentcloudServiceRoleName/testServiceRoleName RoleArn *string `json:"RoleArn,omitempty" name:"RoleArn"` // User-defined temporary session name. // It can contain 2-128 letters, digits, and symbols (=,.@_-). Regex: [\w+=,.@_-]* RoleSessionName *string `json:"RoleSessionName,omitempty" name:"RoleSessionName"` // Specifies the validity period of credentials in seconds. Default value: 7200. Maximum value: 43200 DurationSeconds *uint64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` // Policy description // Note: // 1. The policy needs to be URL-encoded (if you request a TencentCloud API through the GET method, all parameters must be URL-encoded again in accordance with [Signature v3](https://intl.cloud.tencent.com/document/api/598/33159?from_cn_redirect=1#1.-.E6.8B.BC.E6.8E.A5.E8.A7.84.E8.8C.83.E8.AF.B7.E6.B1.82.E4.B8.B2) before the request is sent). // 2. For the policy syntax, please see CAM's [Syntax Logic](https://intl.cloud.tencent.com/document/product/598/10603?from_cn_redirect=1). // 3. The policy cannot contain the `principal` element. Policy *string `json:"Policy,omitempty" name:"Policy"` // External role ID, which can be obtained by clicking the role name in the [CAM console](https://console.cloud.tencent.com/cam/role). // It can contain 2-128 letters, digits, and symbols (=,.@:/-). Regex: [\w+=,.@:\/-]* ExternalId *string `json:"ExternalId,omitempty" name:"ExternalId"` // List of session tags. Up to 50 tags are allowed. The tag keys can not duplicate. Tags []*Tag `json:"Tags,omitempty" name:"Tags"` // UIN of the initiator SourceIdentity *string `json:"SourceIdentity,omitempty" name:"SourceIdentity"` }
Predefined struct for user
type AssumeRoleResponse ¶
type AssumeRoleResponse struct { *tchttp.BaseResponse Response *AssumeRoleResponseParams `json:"Response"` }
func NewAssumeRoleResponse ¶
func NewAssumeRoleResponse() (response *AssumeRoleResponse)
func (*AssumeRoleResponse) FromJsonString ¶
func (r *AssumeRoleResponse) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*AssumeRoleResponse) ToJsonString ¶
func (r *AssumeRoleResponse) ToJsonString() string
type AssumeRoleResponseParams ¶
type AssumeRoleResponseParams struct { // Temporary security credentials Credentials *Credentials `json:"Credentials,omitempty" name:"Credentials"` // Credentials expiration time. A Unix timestamp will be returned which is accurate to the second ExpiredTime *int64 `json:"ExpiredTime,omitempty" name:"ExpiredTime"` // Credentials expiration time in UTC time in ISO 8601 format. Expiration *string `json:"Expiration,omitempty" name:"Expiration"` // The unique request ID, which is returned for each request. RequestId is required for locating a problem. RequestId *string `json:"RequestId,omitempty" name:"RequestId"` }
Predefined struct for user
type AssumeRoleWithSAMLRequest ¶
type AssumeRoleWithSAMLRequest struct { *tchttp.BaseRequest // Base64-encoded SAML assertion SAMLAssertion *string `json:"SAMLAssertion,omitempty" name:"SAMLAssertion"` // Principal access description name PrincipalArn *string `json:"PrincipalArn,omitempty" name:"PrincipalArn"` // Role access description name RoleArn *string `json:"RoleArn,omitempty" name:"RoleArn"` // Session name RoleSessionName *string `json:"RoleSessionName,omitempty" name:"RoleSessionName"` // The validity period of the temporary credentials in seconds. Default value: 7,200s. Maximum value: 43,200s. DurationSeconds *uint64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` }
func NewAssumeRoleWithSAMLRequest ¶
func NewAssumeRoleWithSAMLRequest() (request *AssumeRoleWithSAMLRequest)
func (*AssumeRoleWithSAMLRequest) FromJsonString ¶
func (r *AssumeRoleWithSAMLRequest) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*AssumeRoleWithSAMLRequest) ToJsonString ¶
func (r *AssumeRoleWithSAMLRequest) ToJsonString() string
type AssumeRoleWithSAMLRequestParams ¶
type AssumeRoleWithSAMLRequestParams struct { // Base64-encoded SAML assertion SAMLAssertion *string `json:"SAMLAssertion,omitempty" name:"SAMLAssertion"` // Principal access description name PrincipalArn *string `json:"PrincipalArn,omitempty" name:"PrincipalArn"` // Role access description name RoleArn *string `json:"RoleArn,omitempty" name:"RoleArn"` // Session name RoleSessionName *string `json:"RoleSessionName,omitempty" name:"RoleSessionName"` // The validity period of the temporary credentials in seconds. Default value: 7,200s. Maximum value: 43,200s. DurationSeconds *uint64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` }
Predefined struct for user
type AssumeRoleWithSAMLResponse ¶
type AssumeRoleWithSAMLResponse struct { *tchttp.BaseResponse Response *AssumeRoleWithSAMLResponseParams `json:"Response"` }
func NewAssumeRoleWithSAMLResponse ¶
func NewAssumeRoleWithSAMLResponse() (response *AssumeRoleWithSAMLResponse)
func (*AssumeRoleWithSAMLResponse) FromJsonString ¶
func (r *AssumeRoleWithSAMLResponse) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*AssumeRoleWithSAMLResponse) ToJsonString ¶
func (r *AssumeRoleWithSAMLResponse) ToJsonString() string
type AssumeRoleWithSAMLResponseParams ¶
type AssumeRoleWithSAMLResponseParams struct { // An object consists of the `Token`, `TmpSecretId`, and `TmpSecretId` Credentials *Credentials `json:"Credentials,omitempty" name:"Credentials"` // Credentials expiration time. A Unix timestamp will be returned which is accurate to the second ExpiredTime *uint64 `json:"ExpiredTime,omitempty" name:"ExpiredTime"` // Credentials expiration time in UTC time in ISO 8601 format. Expiration *string `json:"Expiration,omitempty" name:"Expiration"` // The unique request ID, which is returned for each request. RequestId is required for locating a problem. RequestId *string `json:"RequestId,omitempty" name:"RequestId"` }
Predefined struct for user
type AssumeRoleWithWebIdentityRequest ¶
type AssumeRoleWithWebIdentityRequest struct { *tchttp.BaseRequest // Identity provider name ProviderId *string `json:"ProviderId,omitempty" name:"ProviderId"` // OIDC token issued by the IdP WebIdentityToken *string `json:"WebIdentityToken,omitempty" name:"WebIdentityToken"` // Role access description name RoleArn *string `json:"RoleArn,omitempty" name:"RoleArn"` // Session name RoleSessionName *string `json:"RoleSessionName,omitempty" name:"RoleSessionName"` // The validity period of the temporary credential in seconds. Default value: 7,200s. Maximum value: 43,200s. DurationSeconds *int64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` }
func NewAssumeRoleWithWebIdentityRequest ¶
func NewAssumeRoleWithWebIdentityRequest() (request *AssumeRoleWithWebIdentityRequest)
func (*AssumeRoleWithWebIdentityRequest) FromJsonString ¶
func (r *AssumeRoleWithWebIdentityRequest) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*AssumeRoleWithWebIdentityRequest) ToJsonString ¶
func (r *AssumeRoleWithWebIdentityRequest) ToJsonString() string
type AssumeRoleWithWebIdentityRequestParams ¶
type AssumeRoleWithWebIdentityRequestParams struct { // Identity provider name ProviderId *string `json:"ProviderId,omitempty" name:"ProviderId"` // OIDC token issued by the IdP WebIdentityToken *string `json:"WebIdentityToken,omitempty" name:"WebIdentityToken"` // Role access description name RoleArn *string `json:"RoleArn,omitempty" name:"RoleArn"` // Session name RoleSessionName *string `json:"RoleSessionName,omitempty" name:"RoleSessionName"` // The validity period of the temporary credential in seconds. Default value: 7,200s. Maximum value: 43,200s. DurationSeconds *int64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` }
Predefined struct for user
type AssumeRoleWithWebIdentityResponse ¶
type AssumeRoleWithWebIdentityResponse struct { *tchttp.BaseResponse Response *AssumeRoleWithWebIdentityResponseParams `json:"Response"` }
func NewAssumeRoleWithWebIdentityResponse ¶
func NewAssumeRoleWithWebIdentityResponse() (response *AssumeRoleWithWebIdentityResponse)
func (*AssumeRoleWithWebIdentityResponse) FromJsonString ¶
func (r *AssumeRoleWithWebIdentityResponse) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*AssumeRoleWithWebIdentityResponse) ToJsonString ¶
func (r *AssumeRoleWithWebIdentityResponse) ToJsonString() string
type AssumeRoleWithWebIdentityResponseParams ¶
type AssumeRoleWithWebIdentityResponseParams struct { // Expiration time of the temporary credential (timestamp) ExpiredTime *uint64 `json:"ExpiredTime,omitempty" name:"ExpiredTime"` // Expiration time of the temporary credential Expiration *string `json:"Expiration,omitempty" name:"Expiration"` // Temporary credential Credentials *Credentials `json:"Credentials,omitempty" name:"Credentials"` // The unique request ID, which is returned for each request. RequestId is required for locating a problem. RequestId *string `json:"RequestId,omitempty" name:"RequestId"` }
Predefined struct for user
type Client ¶
func NewClient ¶
func NewClient(credential common.CredentialIface, region string, clientProfile *profile.ClientProfile) (client *Client, err error)
func NewClientWithSecretId ¶
Deprecated
func (*Client) AssumeRole ¶
func (c *Client) AssumeRole(request *AssumeRoleRequest) (response *AssumeRoleResponse, err error)
AssumeRole This API is used to request for the temporary security credentials of a role.
error code that may be returned:
INTERNALERROR_DBERROR = "InternalError.DbError" INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INTERNALERROR_ILLEGALROLE = "InternalError.IllegalRole" INTERNALERROR_PBSERIALIZEERROR = "InternalError.PbSerializeError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" INVALIDPARAMETER_OVERLIMIT = "InvalidParameter.OverLimit" INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" UNAUTHORIZEDOPERATION = "UnauthorizedOperation" UNSUPPORTEDOPERATION = "UnsupportedOperation"
func (*Client) AssumeRoleWithContext ¶
func (c *Client) AssumeRoleWithContext(ctx context.Context, request *AssumeRoleRequest) (response *AssumeRoleResponse, err error)
AssumeRole This API is used to request for the temporary security credentials of a role.
error code that may be returned:
INTERNALERROR_DBERROR = "InternalError.DbError" INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INTERNALERROR_ILLEGALROLE = "InternalError.IllegalRole" INTERNALERROR_PBSERIALIZEERROR = "InternalError.PbSerializeError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" INVALIDPARAMETER_OVERLIMIT = "InvalidParameter.OverLimit" INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" UNAUTHORIZEDOPERATION = "UnauthorizedOperation" UNSUPPORTEDOPERATION = "UnsupportedOperation"
func (*Client) AssumeRoleWithSAML ¶
func (c *Client) AssumeRoleWithSAML(request *AssumeRoleWithSAMLRequest) (response *AssumeRoleWithSAMLResponse, err error)
AssumeRoleWithSAML This API is used to request for the temporary credentials for a role that has been authenticated via a SAML assertion.
error code that may be returned:
INTERNALERROR_DBERROR = "InternalError.DbError" INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INTERNALERROR_ILLEGALROLE = "InternalError.IllegalRole" INTERNALERROR_PBSERIALIZEERROR = "InternalError.PbSerializeError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" UNAUTHORIZEDOPERATION = "UnauthorizedOperation"
func (*Client) AssumeRoleWithSAMLWithContext ¶
func (c *Client) AssumeRoleWithSAMLWithContext(ctx context.Context, request *AssumeRoleWithSAMLRequest) (response *AssumeRoleWithSAMLResponse, err error)
AssumeRoleWithSAML This API is used to request for the temporary credentials for a role that has been authenticated via a SAML assertion.
error code that may be returned:
INTERNALERROR_DBERROR = "InternalError.DbError" INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INTERNALERROR_ILLEGALROLE = "InternalError.IllegalRole" INTERNALERROR_PBSERIALIZEERROR = "InternalError.PbSerializeError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" UNAUTHORIZEDOPERATION = "UnauthorizedOperation"
func (*Client) AssumeRoleWithWebIdentity ¶
func (c *Client) AssumeRoleWithWebIdentity(request *AssumeRoleWithWebIdentityRequest) (response *AssumeRoleWithWebIdentityResponse, err error)
AssumeRoleWithWebIdentity This API is used to apply for an OIDC role credential.
error code that may be returned:
INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_WEBIDENTITYTOKENERROR = "InvalidParameter.WebIdentityTokenError" UNAUTHORIZEDOPERATION = "UnauthorizedOperation"
func (*Client) AssumeRoleWithWebIdentityWithContext ¶
func (c *Client) AssumeRoleWithWebIdentityWithContext(ctx context.Context, request *AssumeRoleWithWebIdentityRequest) (response *AssumeRoleWithWebIdentityResponse, err error)
AssumeRoleWithWebIdentity This API is used to apply for an OIDC role credential.
error code that may be returned:
INTERNALERROR_GETROLEERROR = "InternalError.GetRoleError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INTERNALERROR_UNKNOWNERROR = "InternalError.UnknownError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_WEBIDENTITYTOKENERROR = "InvalidParameter.WebIdentityTokenError" UNAUTHORIZEDOPERATION = "UnauthorizedOperation"
func (*Client) GetCallerIdentity ¶
func (c *Client) GetCallerIdentity(request *GetCallerIdentityRequest) (response *GetCallerIdentityResponse, err error)
GetCallerIdentity This API is used to get the identity information of the current caller.
The persistent keys of the root account and sub-account as well as the temporary credentials generated by `AssumeRole` and `GetFederationToken` can be used to get the identity information.
error code that may be returned:
AUTHFAILURE_ACCESSKEYILLEGAL = "AuthFailure.AccessKeyIllegal" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INVALIDPARAMETER_ACCESSKEYNOTSUPPORT = "InvalidParameter.AccessKeyNotSupport"
func (*Client) GetCallerIdentityWithContext ¶
func (c *Client) GetCallerIdentityWithContext(ctx context.Context, request *GetCallerIdentityRequest) (response *GetCallerIdentityResponse, err error)
GetCallerIdentity This API is used to get the identity information of the current caller.
The persistent keys of the root account and sub-account as well as the temporary credentials generated by `AssumeRole` and `GetFederationToken` can be used to get the identity information.
error code that may be returned:
AUTHFAILURE_ACCESSKEYILLEGAL = "AuthFailure.AccessKeyIllegal" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INVALIDPARAMETER_ACCESSKEYNOTSUPPORT = "InvalidParameter.AccessKeyNotSupport"
func (*Client) GetFederationToken ¶
func (c *Client) GetFederationToken(request *GetFederationTokenRequest) (response *GetFederationTokenResponse, err error)
GetFederationToken This API is used to get temporary credentials for a federated user.
error code that may be returned:
INTERNALERROR_DBERROR = "InternalError.DbError" INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" UNAUTHORIZEDOPERATION = "UnauthorizedOperation"
func (*Client) GetFederationTokenWithContext ¶
func (c *Client) GetFederationTokenWithContext(ctx context.Context, request *GetFederationTokenRequest) (response *GetFederationTokenResponse, err error)
GetFederationToken This API is used to get temporary credentials for a federated user.
error code that may be returned:
INTERNALERROR_DBERROR = "InternalError.DbError" INTERNALERROR_ENCRYPTERROR = "InternalError.EncryptError" INTERNALERROR_GETAPPIDERROR = "InternalError.GetAppIdError" INTERNALERROR_GETSEEDTOKENERROR = "InternalError.GetSeedTokenError" INTERNALERROR_SYSTEMERROR = "InternalError.SystemError" INVALIDPARAMETER_ACCOUNTNOTAVALIABLE = "InvalidParameter.AccountNotAvaliable" INVALIDPARAMETER_EXTENDSTRATEGYOVERSIZE = "InvalidParameter.ExtendStrategyOverSize" INVALIDPARAMETER_GRANTOTHERRESOURCE = "InvalidParameter.GrantOtherResource" INVALIDPARAMETER_OVERTIMEERROR = "InvalidParameter.OverTimeError" INVALIDPARAMETER_PARAMERROR = "InvalidParameter.ParamError" INVALIDPARAMETER_POLICYTOOLONG = "InvalidParameter.PolicyTooLong" INVALIDPARAMETER_RESOUCEERROR = "InvalidParameter.ResouceError" INVALIDPARAMETER_STRATEGYFORMATERROR = "InvalidParameter.StrategyFormatError" INVALIDPARAMETER_STRATEGYINVALID = "InvalidParameter.StrategyInvalid" INVALIDPARAMETER_TEMPCODENOTAVALIABLE = "InvalidParameter.TempCodeNotAvaliable" RESOURCENOTFOUND_ROLENOTFOUND = "ResourceNotFound.RoleNotFound" UNAUTHORIZEDOPERATION = "UnauthorizedOperation"
type Credentials ¶
type Credentials struct { // Token, which contains up to 4,096 bytes depending on the associated policies. Token *string `json:"Token,omitempty" name:"Token"` // Temporary credentials key ID, which contains up to 1,024 bytes. TmpSecretId *string `json:"TmpSecretId,omitempty" name:"TmpSecretId"` // Temporary credentials key, which contains up to 1,024 bytes. TmpSecretKey *string `json:"TmpSecretKey,omitempty" name:"TmpSecretKey"` }
type GetCallerIdentityRequest ¶
type GetCallerIdentityRequest struct {
*tchttp.BaseRequest
}
func NewGetCallerIdentityRequest ¶
func NewGetCallerIdentityRequest() (request *GetCallerIdentityRequest)
func (*GetCallerIdentityRequest) FromJsonString ¶
func (r *GetCallerIdentityRequest) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*GetCallerIdentityRequest) ToJsonString ¶
func (r *GetCallerIdentityRequest) ToJsonString() string
type GetCallerIdentityRequestParams ¶
type GetCallerIdentityRequestParams struct { }
Predefined struct for user
type GetCallerIdentityResponse ¶
type GetCallerIdentityResponse struct { *tchttp.BaseResponse Response *GetCallerIdentityResponseParams `json:"Response"` }
func NewGetCallerIdentityResponse ¶
func NewGetCallerIdentityResponse() (response *GetCallerIdentityResponse)
func (*GetCallerIdentityResponse) FromJsonString ¶
func (r *GetCallerIdentityResponse) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*GetCallerIdentityResponse) ToJsonString ¶
func (r *GetCallerIdentityResponse) ToJsonString() string
type GetCallerIdentityResponseParams ¶
type GetCallerIdentityResponseParams struct { // ARN of the current caller. Arn *string `json:"Arn,omitempty" name:"Arn"` // Root account UIN of the current caller. AccountId *string `json:"AccountId,omitempty" name:"AccountId"` // User ID. // 1. If the caller is a Tencent Cloud account, the UIN of the current account is returned. // 2. If the caller is a role, `roleId:roleSessionName` is returned. // 3. If the caller is a federated user, `uin:federatedUserName` is returned. UserId *string `json:"UserId,omitempty" name:"UserId"` // Account UIN. // 1. If the caller is a Tencent Cloud account, the UIN of the current account is returned. // 2. If the caller is a role, the UIN of the account that applies for the role is returned. PrincipalId *string `json:"PrincipalId,omitempty" name:"PrincipalId"` // Identity type. Type *string `json:"Type,omitempty" name:"Type"` // The unique request ID, which is returned for each request. RequestId is required for locating a problem. RequestId *string `json:"RequestId,omitempty" name:"RequestId"` }
Predefined struct for user
type GetFederationTokenRequest ¶
type GetFederationTokenRequest struct { *tchttp.BaseRequest // The customizable name of the caller, consisting of letters Name *string `json:"Name,omitempty" name:"Name"` // Policy description // Note: // 1. The policy needs to be URL-encoded (if you request a TencentCloud API through the GET method, all parameters must be URL-encoded again in accordance with [Signature v3](https://intl.cloud.tencent.com/document/api/598/33159?from_cn_redirect=1#1.-.E6.8B.BC.E6.8E.A5.E8.A7.84.E8.8C.83.E8.AF.B7.E6.B1.82.E4.B8.B2) before the request is sent). // 2. For the policy syntax, please see CAM's [Syntax Logic](https://intl.cloud.tencent.com/document/product/598/10603?from_cn_redirect=1). // 3. The policy cannot contain the `principal` element. Policy *string `json:"Policy,omitempty" name:"Policy"` // The validity period of temporary credentials in seconds. Default value: 1,800s. Maximum value for a root account: 7,200s. Maximum value for a sub-account: 129,600s. DurationSeconds *uint64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` }
func NewGetFederationTokenRequest ¶
func NewGetFederationTokenRequest() (request *GetFederationTokenRequest)
func (*GetFederationTokenRequest) FromJsonString ¶
func (r *GetFederationTokenRequest) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*GetFederationTokenRequest) ToJsonString ¶
func (r *GetFederationTokenRequest) ToJsonString() string
type GetFederationTokenRequestParams ¶
type GetFederationTokenRequestParams struct { // The customizable name of the caller, consisting of letters Name *string `json:"Name,omitempty" name:"Name"` // Policy description // Note: // 1. The policy needs to be URL-encoded (if you request a TencentCloud API through the GET method, all parameters must be URL-encoded again in accordance with [Signature v3](https://intl.cloud.tencent.com/document/api/598/33159?from_cn_redirect=1#1.-.E6.8B.BC.E6.8E.A5.E8.A7.84.E8.8C.83.E8.AF.B7.E6.B1.82.E4.B8.B2) before the request is sent). // 2. For the policy syntax, please see CAM's [Syntax Logic](https://intl.cloud.tencent.com/document/product/598/10603?from_cn_redirect=1). // 3. The policy cannot contain the `principal` element. Policy *string `json:"Policy,omitempty" name:"Policy"` // The validity period of temporary credentials in seconds. Default value: 1,800s. Maximum value for a root account: 7,200s. Maximum value for a sub-account: 129,600s. DurationSeconds *uint64 `json:"DurationSeconds,omitempty" name:"DurationSeconds"` }
Predefined struct for user
type GetFederationTokenResponse ¶
type GetFederationTokenResponse struct { *tchttp.BaseResponse Response *GetFederationTokenResponseParams `json:"Response"` }
func NewGetFederationTokenResponse ¶
func NewGetFederationTokenResponse() (response *GetFederationTokenResponse)
func (*GetFederationTokenResponse) FromJsonString ¶
func (r *GetFederationTokenResponse) FromJsonString(s string) error
FromJsonString It is highly **NOT** recommended to use this function because it has no param check, nor strict type check
func (*GetFederationTokenResponse) ToJsonString ¶
func (r *GetFederationTokenResponse) ToJsonString() string
type GetFederationTokenResponseParams ¶
type GetFederationTokenResponseParams struct { // Temporary credentials Credentials *Credentials `json:"Credentials,omitempty" name:"Credentials"` // Temporary credentials expiration time. A Unix timestamp will be returned which is accurate to the second ExpiredTime *uint64 `json:"ExpiredTime,omitempty" name:"ExpiredTime"` // Credentials expiration time in UTC time in ISO 8601 format. // Note: this field may return null, indicating that no valid values can be obtained. Expiration *string `json:"Expiration,omitempty" name:"Expiration"` // The unique request ID, which is returned for each request. RequestId is required for locating a problem. RequestId *string `json:"RequestId,omitempty" name:"RequestId"` }
Predefined struct for user