| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282 |
- // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
- package sts_test
- import (
- "fmt"
- "strings"
- "time"
- "github.com/aws/aws-sdk-go/aws"
- "github.com/aws/aws-sdk-go/aws/awserr"
- "github.com/aws/aws-sdk-go/aws/session"
- "github.com/aws/aws-sdk-go/service/sts"
- )
- var _ time.Duration
- var _ strings.Reader
- var _ aws.Config
- func parseTime(layout, value string) *time.Time {
- t, err := time.Parse(layout, value)
- if err != nil {
- panic(err)
- }
- return &t
- }
- // To assume a role
- //
- func ExampleSTS_AssumeRole_shared00() {
- svc := sts.New(session.New())
- input := &sts.AssumeRoleInput{
- DurationSeconds: aws.Int64(3600),
- ExternalId: aws.String("123ABC"),
- Policy: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}"),
- RoleArn: aws.String("arn:aws:iam::123456789012:role/demo"),
- RoleSessionName: aws.String("Bob"),
- }
- result, err := svc.AssumeRole(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case sts.ErrCodeMalformedPolicyDocumentException:
- fmt.Println(sts.ErrCodeMalformedPolicyDocumentException, aerr.Error())
- case sts.ErrCodePackedPolicyTooLargeException:
- fmt.Println(sts.ErrCodePackedPolicyTooLargeException, aerr.Error())
- case sts.ErrCodeRegionDisabledException:
- fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error())
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To assume a role as an OpenID Connect-federated user
- //
- func ExampleSTS_AssumeRoleWithWebIdentity_shared00() {
- svc := sts.New(session.New())
- input := &sts.AssumeRoleWithWebIdentityInput{
- DurationSeconds: aws.Int64(3600),
- ProviderId: aws.String("www.amazon.com"),
- RoleArn: aws.String("arn:aws:iam::123456789012:role/FederatedWebIdentityRole"),
- RoleSessionName: aws.String("app1"),
- WebIdentityToken: aws.String("Atza%7CIQEBLjAsAhRFiXuWpUXuRvQ9PZL3GMFcYevydwIUFAHZwXZXXXXXXXXJnrulxKDHwy87oGKPznh0D6bEQZTSCzyoCtL_8S07pLpr0zMbn6w1lfVZKNTBdDansFBmtGnIsIapjI6xKR02Yc_2bQ8LZbUXSGm6Ry6_BG7PrtLZtj_dfCTj92xNGed-CrKqjG7nPBjNIL016GGvuS5gSvPRUxWES3VYfm1wl7WTI7jn-Pcb6M-buCgHhFOzTQxod27L9CqnOLio7N3gZAGpsp6n1-AJBOCJckcyXe2c6uD0srOJeZlKUm2eTDVMf8IehDVI0r1QOnTV6KzzAI3OY87Vd_cVMQ"),
- }
- result, err := svc.AssumeRoleWithWebIdentity(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case sts.ErrCodeMalformedPolicyDocumentException:
- fmt.Println(sts.ErrCodeMalformedPolicyDocumentException, aerr.Error())
- case sts.ErrCodePackedPolicyTooLargeException:
- fmt.Println(sts.ErrCodePackedPolicyTooLargeException, aerr.Error())
- case sts.ErrCodeIDPRejectedClaimException:
- fmt.Println(sts.ErrCodeIDPRejectedClaimException, aerr.Error())
- case sts.ErrCodeIDPCommunicationErrorException:
- fmt.Println(sts.ErrCodeIDPCommunicationErrorException, aerr.Error())
- case sts.ErrCodeInvalidIdentityTokenException:
- fmt.Println(sts.ErrCodeInvalidIdentityTokenException, aerr.Error())
- case sts.ErrCodeExpiredTokenException:
- fmt.Println(sts.ErrCodeExpiredTokenException, aerr.Error())
- case sts.ErrCodeRegionDisabledException:
- fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error())
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To decode information about an authorization status of a request
- //
- func ExampleSTS_DecodeAuthorizationMessage_shared00() {
- svc := sts.New(session.New())
- input := &sts.DecodeAuthorizationMessageInput{
- EncodedMessage: aws.String("<encoded-message>"),
- }
- result, err := svc.DecodeAuthorizationMessage(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case sts.ErrCodeInvalidAuthorizationMessageException:
- fmt.Println(sts.ErrCodeInvalidAuthorizationMessageException, aerr.Error())
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To get details about a calling IAM user
- //
- // This example shows a request and response made with the credentials for a user named
- // Alice in the AWS account 123456789012.
- func ExampleSTS_GetCallerIdentity_shared00() {
- svc := sts.New(session.New())
- input := &sts.GetCallerIdentityInput{}
- result, err := svc.GetCallerIdentity(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To get details about a calling user federated with AssumeRole
- //
- // This example shows a request and response made with temporary credentials created
- // by AssumeRole. The name of the assumed role is my-role-name, and the RoleSessionName
- // is set to my-role-session-name.
- func ExampleSTS_GetCallerIdentity_shared01() {
- svc := sts.New(session.New())
- input := &sts.GetCallerIdentityInput{}
- result, err := svc.GetCallerIdentity(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To get details about a calling user federated with GetFederationToken
- //
- // This example shows a request and response made with temporary credentials created
- // by using GetFederationToken. The Name parameter is set to my-federated-user-name.
- func ExampleSTS_GetCallerIdentity_shared02() {
- svc := sts.New(session.New())
- input := &sts.GetCallerIdentityInput{}
- result, err := svc.GetCallerIdentity(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To get temporary credentials for a role by using GetFederationToken
- //
- func ExampleSTS_GetFederationToken_shared00() {
- svc := sts.New(session.New())
- input := &sts.GetFederationTokenInput{
- DurationSeconds: aws.Int64(3600),
- Name: aws.String("Bob"),
- Policy: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}"),
- }
- result, err := svc.GetFederationToken(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case sts.ErrCodeMalformedPolicyDocumentException:
- fmt.Println(sts.ErrCodeMalformedPolicyDocumentException, aerr.Error())
- case sts.ErrCodePackedPolicyTooLargeException:
- fmt.Println(sts.ErrCodePackedPolicyTooLargeException, aerr.Error())
- case sts.ErrCodeRegionDisabledException:
- fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error())
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
- // To get temporary credentials for an IAM user or an AWS account
- //
- func ExampleSTS_GetSessionToken_shared00() {
- svc := sts.New(session.New())
- input := &sts.GetSessionTokenInput{
- DurationSeconds: aws.Int64(3600),
- SerialNumber: aws.String("YourMFASerialNumber"),
- TokenCode: aws.String("123456"),
- }
- result, err := svc.GetSessionToken(input)
- if err != nil {
- if aerr, ok := err.(awserr.Error); ok {
- switch aerr.Code() {
- case sts.ErrCodeRegionDisabledException:
- fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error())
- default:
- fmt.Println(aerr.Error())
- }
- } else {
- // Print the error, cast err to awserr.Error to get the Code and
- // Message from an error.
- fmt.Println(err.Error())
- }
- return
- }
- fmt.Println(result)
- }
|