types

package
v1.26.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 15, 2023 License: Apache-2.0 Imports: 4 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AssumedRoleUser

type AssumedRoleUser struct {

	// The ARN of the temporary security credentials that are returned from the
	// AssumeRole action. For more information about ARNs and how to use them in
	// policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	//
	// This member is required.
	Arn *string

	// A unique identifier that contains the role ID and the role session name of the
	// role that is being assumed. The role ID is generated by Amazon Web Services when
	// the role is created.
	//
	// This member is required.
	AssumedRoleId *string
	// contains filtered or unexported fields
}

The identifiers for the temporary security credentials that the operation returns.

type Credentials

type Credentials struct {

	// The access key ID that identifies the temporary security credentials.
	//
	// This member is required.
	AccessKeyId *string

	// The date on which the current credentials expire.
	//
	// This member is required.
	Expiration *time.Time

	// The secret access key that can be used to sign requests.
	//
	// This member is required.
	SecretAccessKey *string

	// The token that users must pass to the service API to use the temporary
	// credentials.
	//
	// This member is required.
	SessionToken *string
	// contains filtered or unexported fields
}

Amazon Web Services credentials for API authentication.

type ExpiredTokenException

type ExpiredTokenException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.

func (*ExpiredTokenException) Error

func (e *ExpiredTokenException) Error() string

func (*ExpiredTokenException) ErrorCode

func (e *ExpiredTokenException) ErrorCode() string

func (*ExpiredTokenException) ErrorFault

func (e *ExpiredTokenException) ErrorFault() smithy.ErrorFault

func (*ExpiredTokenException) ErrorMessage

func (e *ExpiredTokenException) ErrorMessage() string

type FederatedUser

type FederatedUser struct {

	// The ARN that specifies the federated user that is associated with the
	// credentials. For more information about ARNs and how to use them in policies,
	// see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The string that identifies the federated user associated with the credentials,
	// similar to the unique ID of an IAM user.
	//
	// This member is required.
	FederatedUserId *string
	// contains filtered or unexported fields
}

Identifiers for the federated user that is associated with the credentials.

type IDPCommunicationErrorException

type IDPCommunicationErrorException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request could not be fulfilled because the identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the identity provider might be down or not responding.

func (*IDPCommunicationErrorException) Error

func (*IDPCommunicationErrorException) ErrorCode

func (e *IDPCommunicationErrorException) ErrorCode() string

func (*IDPCommunicationErrorException) ErrorFault

func (*IDPCommunicationErrorException) ErrorMessage

func (e *IDPCommunicationErrorException) ErrorMessage() string

type IDPRejectedClaimException

type IDPRejectedClaimException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid. If this error is returned for the AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired or has been explicitly revoked.

func (*IDPRejectedClaimException) Error

func (e *IDPRejectedClaimException) Error() string

func (*IDPRejectedClaimException) ErrorCode

func (e *IDPRejectedClaimException) ErrorCode() string

func (*IDPRejectedClaimException) ErrorFault

func (*IDPRejectedClaimException) ErrorMessage

func (e *IDPRejectedClaimException) ErrorMessage() string

type InvalidAuthorizationMessageException

type InvalidAuthorizationMessageException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks.

func (*InvalidAuthorizationMessageException) Error

func (*InvalidAuthorizationMessageException) ErrorCode

func (*InvalidAuthorizationMessageException) ErrorFault

func (*InvalidAuthorizationMessageException) ErrorMessage

func (e *InvalidAuthorizationMessageException) ErrorMessage() string

type InvalidIdentityTokenException

type InvalidIdentityTokenException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The web identity token that was passed could not be validated by Amazon Web Services. Get a new identity token from the identity provider and then retry the request.

func (*InvalidIdentityTokenException) Error

func (*InvalidIdentityTokenException) ErrorCode

func (e *InvalidIdentityTokenException) ErrorCode() string

func (*InvalidIdentityTokenException) ErrorFault

func (*InvalidIdentityTokenException) ErrorMessage

func (e *InvalidIdentityTokenException) ErrorMessage() string

type MalformedPolicyDocumentException

type MalformedPolicyDocumentException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request was rejected because the policy document was malformed. The error message describes the specific error.

func (*MalformedPolicyDocumentException) Error

func (*MalformedPolicyDocumentException) ErrorCode

func (*MalformedPolicyDocumentException) ErrorFault

func (*MalformedPolicyDocumentException) ErrorMessage

func (e *MalformedPolicyDocumentException) ErrorMessage() string

type PackedPolicyTooLargeException

type PackedPolicyTooLargeException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

The request was rejected because the total packed size of the session policies and session tags combined was too large. An Amazon Web Services conversion compresses the session policy document, session policy ARNs, and session tags into a packed binary format that has a separate limit. The error message indicates by percentage how close the policies and tags are to the upper size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the IAM User Guide. You could receive this error even though you meet other defined session policy and session tag limits. For more information, see IAM and STS Entity Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) in the IAM User Guide.

func (*PackedPolicyTooLargeException) Error

func (*PackedPolicyTooLargeException) ErrorCode

func (e *PackedPolicyTooLargeException) ErrorCode() string

func (*PackedPolicyTooLargeException) ErrorFault

func (*PackedPolicyTooLargeException) ErrorMessage

func (e *PackedPolicyTooLargeException) ErrorMessage() string

type PolicyDescriptorType

type PolicyDescriptorType struct {

	// The Amazon Resource Name (ARN) of the IAM managed policy to use as a session
	// policy for the role. For more information about ARNs, see Amazon Resource Names
	// (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string
	// contains filtered or unexported fields
}

A reference to the IAM managed policy that is passed as a session policy for a role session or a federated user session.

type ProvidedContext

type ProvidedContext struct {

	// The signed and encrypted trusted context assertion generated by the context
	// provider. The trusted context assertion is signed and encrypted by Amazon Web
	// Services STS.
	ContextAssertion *string

	// The context provider ARN from which the trusted context assertion was generated.
	ProviderArn *string
	// contains filtered or unexported fields
}

Contains information about the provided context. This includes the signed and encrypted trusted context assertion and the context provider ARN from which the trusted context assertion was generated.

type RegionDisabledException

type RegionDisabledException struct {
	Message *string

	ErrorCodeOverride *string
	// contains filtered or unexported fields
}

STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see Activating and Deactivating Amazon Web Services STS in an Amazon Web Services Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

func (*RegionDisabledException) Error

func (e *RegionDisabledException) Error() string

func (*RegionDisabledException) ErrorCode

func (e *RegionDisabledException) ErrorCode() string

func (*RegionDisabledException) ErrorFault

func (e *RegionDisabledException) ErrorFault() smithy.ErrorFault

func (*RegionDisabledException) ErrorMessage

func (e *RegionDisabledException) ErrorMessage() string

type Tag

type Tag struct {

	// The key for a session tag. You can pass up to 50 session tags. The plain text
	// session tag keys can’t exceed 128 characters. For these and additional limits,
	// see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
	// in the IAM User Guide.
	//
	// This member is required.
	Key *string

	// The value for a session tag. You can pass up to 50 session tags. The plain text
	// session tag values can’t exceed 256 characters. For these and additional limits,
	// see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
	// in the IAM User Guide.
	//
	// This member is required.
	Value *string
	// contains filtered or unexported fields
}

You can pass custom key-value pair attributes when you assume a role or federate a user. These are called session tags. You can then use the session tags to control access to resources. For more information, see Tagging Amazon Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the IAM User Guide.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL