Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AssumedRoleUser

type AssumedRoleUser struct {

	// The ARN of the temporary security credentials that are returned from the
	// AssumeRole action. For more information about ARNs and how to use them in
	// policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	//
	// This member is required.
	Arn *string

	// A unique identifier that contains the role ID and the role session name of the
	// role that is being assumed. The role ID is generated by AWS when the role is
	// created.
	//
	// This member is required.
	AssumedRoleId *string
}

    The identifiers for the temporary security credentials that the operation returns.

    type Credentials

    type Credentials struct {
    
    	// The access key ID that identifies the temporary security credentials.
    	//
    	// This member is required.
    	AccessKeyId *string
    
    	// The date on which the current credentials expire.
    	//
    	// This member is required.
    	Expiration *time.Time
    
    	// The secret access key that can be used to sign requests.
    	//
    	// This member is required.
    	SecretAccessKey *string
    
    	// The token that users must pass to the service API to use the temporary
    	// credentials.
    	//
    	// This member is required.
    	SessionToken *string
    }

      AWS credentials for API authentication.

      type ExpiredTokenException

      type ExpiredTokenException struct {
      	Message *string
      }

        The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.

        func (*ExpiredTokenException) Error

        func (e *ExpiredTokenException) Error() string

        func (*ExpiredTokenException) ErrorCode

        func (e *ExpiredTokenException) ErrorCode() string

        func (*ExpiredTokenException) ErrorFault

        func (e *ExpiredTokenException) ErrorFault() smithy.ErrorFault

        func (*ExpiredTokenException) ErrorMessage

        func (e *ExpiredTokenException) ErrorMessage() string

        type FederatedUser

        type FederatedUser struct {
        
        	// The ARN that specifies the federated user that is associated with the
        	// credentials. For more information about ARNs and how to use them in policies,
        	// see IAM Identifiers
        	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
        	// the IAM User Guide.
        	//
        	// This member is required.
        	Arn *string
        
        	// The string that identifies the federated user associated with the credentials,
        	// similar to the unique ID of an IAM user.
        	//
        	// This member is required.
        	FederatedUserId *string
        }

          Identifiers for the federated user that is associated with the credentials.

          type IDPCommunicationErrorException

          type IDPCommunicationErrorException struct {
          	Message *string
          }

            The request could not be fulfilled because the identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the identity provider might be down or not responding.

            func (*IDPCommunicationErrorException) Error

            func (*IDPCommunicationErrorException) ErrorCode

            func (e *IDPCommunicationErrorException) ErrorCode() string

            func (*IDPCommunicationErrorException) ErrorFault

            func (*IDPCommunicationErrorException) ErrorMessage

            func (e *IDPCommunicationErrorException) ErrorMessage() string

            type IDPRejectedClaimException

            type IDPRejectedClaimException struct {
            	Message *string
            }

              The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid. If this error is returned for the AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired or has been explicitly revoked.

              func (*IDPRejectedClaimException) Error

              func (e *IDPRejectedClaimException) Error() string

              func (*IDPRejectedClaimException) ErrorCode

              func (e *IDPRejectedClaimException) ErrorCode() string

              func (*IDPRejectedClaimException) ErrorFault

              func (*IDPRejectedClaimException) ErrorMessage

              func (e *IDPRejectedClaimException) ErrorMessage() string

              type InvalidAuthorizationMessageException

              type InvalidAuthorizationMessageException struct {
              	Message *string
              }

                The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks.

                func (*InvalidAuthorizationMessageException) Error

                func (*InvalidAuthorizationMessageException) ErrorCode

                func (*InvalidAuthorizationMessageException) ErrorFault

                func (*InvalidAuthorizationMessageException) ErrorMessage

                func (e *InvalidAuthorizationMessageException) ErrorMessage() string

                type InvalidIdentityTokenException

                type InvalidIdentityTokenException struct {
                	Message *string
                }

                  The web identity token that was passed could not be validated by AWS. Get a new identity token from the identity provider and then retry the request.

                  func (*InvalidIdentityTokenException) Error

                  func (*InvalidIdentityTokenException) ErrorCode

                  func (e *InvalidIdentityTokenException) ErrorCode() string

                  func (*InvalidIdentityTokenException) ErrorFault

                  func (*InvalidIdentityTokenException) ErrorMessage

                  func (e *InvalidIdentityTokenException) ErrorMessage() string

                  type MalformedPolicyDocumentException

                  type MalformedPolicyDocumentException struct {
                  	Message *string
                  }

                    The request was rejected because the policy document was malformed. The error message describes the specific error.

                    func (*MalformedPolicyDocumentException) Error

                    func (*MalformedPolicyDocumentException) ErrorCode

                    func (*MalformedPolicyDocumentException) ErrorFault

                    func (*MalformedPolicyDocumentException) ErrorMessage

                    func (e *MalformedPolicyDocumentException) ErrorMessage() string

                    type PackedPolicyTooLargeException

                    type PackedPolicyTooLargeException struct {
                    	Message *string
                    }

                      The request was rejected because the total packed size of the session policies and session tags combined was too large. An AWS conversion compresses the session policy document, session policy ARNs, and session tags into a packed binary format that has a separate limit. The error message indicates by percentage how close the policies and tags are to the upper size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the IAM User Guide. You could receive this error even though you meet other defined session policy and session tag limits. For more information, see IAM and STS Entity Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

                      func (*PackedPolicyTooLargeException) Error

                      func (*PackedPolicyTooLargeException) ErrorCode

                      func (e *PackedPolicyTooLargeException) ErrorCode() string

                      func (*PackedPolicyTooLargeException) ErrorFault

                      func (*PackedPolicyTooLargeException) ErrorMessage

                      func (e *PackedPolicyTooLargeException) ErrorMessage() string

                      type PolicyDescriptorType

                      type PolicyDescriptorType struct {
                      
                      	// The Amazon Resource Name (ARN) of the IAM managed policy to use as a session
                      	// policy for the role. For more information about ARNs, see Amazon Resource Names
                      	// (ARNs) and AWS Service Namespaces
                      	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
                      	// the AWS General Reference.
                      	Arn *string
                      }

                        A reference to the IAM managed policy that is passed as a session policy for a role session or a federated user session.

                        type RegionDisabledException

                        type RegionDisabledException struct {
                        	Message *string
                        }

                          STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see Activating and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

                          func (*RegionDisabledException) Error

                          func (e *RegionDisabledException) Error() string

                          func (*RegionDisabledException) ErrorCode

                          func (e *RegionDisabledException) ErrorCode() string

                          func (*RegionDisabledException) ErrorFault

                          func (e *RegionDisabledException) ErrorFault() smithy.ErrorFault

                          func (*RegionDisabledException) ErrorMessage

                          func (e *RegionDisabledException) ErrorMessage() string

                          type Tag

                          type Tag struct {
                          
                          	// The key for a session tag. You can pass up to 50 session tags. The plain text
                          	// session tag keys can’t exceed 128 characters. For these and additional limits,
                          	// see IAM and STS Character Limits
                          	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
                          	// in the IAM User Guide.
                          	//
                          	// This member is required.
                          	Key *string
                          
                          	// The value for a session tag. You can pass up to 50 session tags. The plain text
                          	// session tag values can’t exceed 256 characters. For these and additional limits,
                          	// see IAM and STS Character Limits
                          	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
                          	// in the IAM User Guide.
                          	//
                          	// This member is required.
                          	Value *string
                          }

                            You can pass custom key-value pair attributes when you assume a role or federate a user. These are called session tags. You can then use the session tags to control access to resources. For more information, see Tagging AWS STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the IAM User Guide.

                            Source Files