types

package
v0.29.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 31, 2020 License: Apache-2.0 Imports: 3 Imported by: 71

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AssumedRoleUser

type AssumedRoleUser struct {

	// The ARN of the temporary security credentials that are returned from the
	// AssumeRole action. For more information about ARNs and how to use them in
	// policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	//
	// This member is required.
	Arn *string

	// A unique identifier that contains the role ID and the role session name of the
	// role that is being assumed. The role ID is generated by AWS when the role is
	// created.
	//
	// This member is required.
	AssumedRoleId *string
}

The identifiers for the temporary security credentials that the operation returns.

type Credentials

type Credentials struct {

	// The access key ID that identifies the temporary security credentials.
	//
	// This member is required.
	AccessKeyId *string

	// The date on which the current credentials expire.
	//
	// This member is required.
	Expiration *time.Time

	// The secret access key that can be used to sign requests.
	//
	// This member is required.
	SecretAccessKey *string

	// The token that users must pass to the service API to use the temporary
	// credentials.
	//
	// This member is required.
	SessionToken *string
}

AWS credentials for API authentication.

type ExpiredTokenException

type ExpiredTokenException struct {
	Message *string
}

The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.

func (*ExpiredTokenException) Error

func (e *ExpiredTokenException) Error() string

func (*ExpiredTokenException) ErrorCode

func (e *ExpiredTokenException) ErrorCode() string

func (*ExpiredTokenException) ErrorFault

func (e *ExpiredTokenException) ErrorFault() smithy.ErrorFault

func (*ExpiredTokenException) ErrorMessage

func (e *ExpiredTokenException) ErrorMessage() string

type FederatedUser

type FederatedUser struct {

	// The ARN that specifies the federated user that is associated with the
	// credentials. For more information about ARNs and how to use them in policies,
	// see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The string that identifies the federated user associated with the credentials,
	// similar to the unique ID of an IAM user.
	//
	// This member is required.
	FederatedUserId *string
}

Identifiers for the federated user that is associated with the credentials.

type IDPCommunicationErrorException

type IDPCommunicationErrorException struct {
	Message *string
}

The request could not be fulfilled because the identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the identity provider might be down or not responding.

func (*IDPCommunicationErrorException) Error

func (*IDPCommunicationErrorException) ErrorCode

func (e *IDPCommunicationErrorException) ErrorCode() string

func (*IDPCommunicationErrorException) ErrorFault

func (*IDPCommunicationErrorException) ErrorMessage

func (e *IDPCommunicationErrorException) ErrorMessage() string

type IDPRejectedClaimException

type IDPRejectedClaimException struct {
	Message *string
}

The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid. If this error is returned for the AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired or has been explicitly revoked.

func (*IDPRejectedClaimException) Error

func (e *IDPRejectedClaimException) Error() string

func (*IDPRejectedClaimException) ErrorCode

func (e *IDPRejectedClaimException) ErrorCode() string

func (*IDPRejectedClaimException) ErrorFault

func (*IDPRejectedClaimException) ErrorMessage

func (e *IDPRejectedClaimException) ErrorMessage() string

type InvalidAuthorizationMessageException

type InvalidAuthorizationMessageException struct {
	Message *string
}

The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks.

func (*InvalidAuthorizationMessageException) Error

func (*InvalidAuthorizationMessageException) ErrorCode

func (*InvalidAuthorizationMessageException) ErrorFault

func (*InvalidAuthorizationMessageException) ErrorMessage

func (e *InvalidAuthorizationMessageException) ErrorMessage() string

type InvalidIdentityTokenException

type InvalidIdentityTokenException struct {
	Message *string
}

The web identity token that was passed could not be validated by AWS. Get a new identity token from the identity provider and then retry the request.

func (*InvalidIdentityTokenException) Error

func (*InvalidIdentityTokenException) ErrorCode

func (e *InvalidIdentityTokenException) ErrorCode() string

func (*InvalidIdentityTokenException) ErrorFault

func (*InvalidIdentityTokenException) ErrorMessage

func (e *InvalidIdentityTokenException) ErrorMessage() string

type MalformedPolicyDocumentException

type MalformedPolicyDocumentException struct {
	Message *string
}

The request was rejected because the policy document was malformed. The error message describes the specific error.

func (*MalformedPolicyDocumentException) Error

func (*MalformedPolicyDocumentException) ErrorCode

func (*MalformedPolicyDocumentException) ErrorFault

func (*MalformedPolicyDocumentException) ErrorMessage

func (e *MalformedPolicyDocumentException) ErrorMessage() string

type PackedPolicyTooLargeException

type PackedPolicyTooLargeException struct {
	Message *string
}

The request was rejected because the total packed size of the session policies and session tags combined was too large. An AWS conversion compresses the session policy document, session policy ARNs, and session tags into a packed binary format that has a separate limit. The error message indicates by percentage how close the policies and tags are to the upper size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the IAM User Guide. You could receive this error even though you meet other defined session policy and session tag limits. For more information, see IAM and STS Entity Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

func (*PackedPolicyTooLargeException) Error

func (*PackedPolicyTooLargeException) ErrorCode

func (e *PackedPolicyTooLargeException) ErrorCode() string

func (*PackedPolicyTooLargeException) ErrorFault

func (*PackedPolicyTooLargeException) ErrorMessage

func (e *PackedPolicyTooLargeException) ErrorMessage() string

type PolicyDescriptorType

type PolicyDescriptorType struct {

	// The Amazon Resource Name (ARN) of the IAM managed policy to use as a session
	// policy for the role. For more information about ARNs, see Amazon Resource Names
	// (ARNs) and AWS Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string
}

A reference to the IAM managed policy that is passed as a session policy for a role session or a federated user session.

type RegionDisabledException

type RegionDisabledException struct {
	Message *string
}

STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see Activating and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

func (*RegionDisabledException) Error

func (e *RegionDisabledException) Error() string

func (*RegionDisabledException) ErrorCode

func (e *RegionDisabledException) ErrorCode() string

func (*RegionDisabledException) ErrorFault

func (e *RegionDisabledException) ErrorFault() smithy.ErrorFault

func (*RegionDisabledException) ErrorMessage

func (e *RegionDisabledException) ErrorMessage() string

type Tag

type Tag struct {

	// The key for a session tag. You can pass up to 50 session tags. The plain text
	// session tag keys can’t exceed 128 characters. For these and additional limits,
	// see IAM and STS Character Limits
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
	// in the IAM User Guide.
	//
	// This member is required.
	Key *string

	// The value for a session tag. You can pass up to 50 session tags. The plain text
	// session tag values can’t exceed 256 characters. For these and additional limits,
	// see IAM and STS Character Limits
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
	// in the IAM User Guide.
	//
	// This member is required.
	Value *string
}

You can pass custom key-value pair attributes when you assume a role or federate a user. These are called session tags. You can then use the session tags to control access to resources. For more information, see Tagging AWS STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the IAM User Guide.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL