Example 1 with AssumeRoleRequest

Use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project aws-doc-sdk-examples by awsdocs.

Class IAMScenario, method assumeGivenRole.

// Invoke an Amazon S3 operation using the Assumed Role.
public static void assumeGivenRole(String roleArn, String roleSessionName, String bucketName) {
    StsClient stsClient = StsClient.builder().region(Region.US_EAST_1).build();
    try {
        AssumeRoleRequest roleRequest = AssumeRoleRequest.builder().roleArn(roleArn).roleSessionName(roleSessionName).build();
        AssumeRoleResponse roleResponse = stsClient.assumeRole(roleRequest);
        Credentials myCreds = roleResponse.credentials();
        String key = myCreds.accessKeyId();
        String secKey = myCreds.secretAccessKey();
        String secToken = myCreds.sessionToken();
        // List all objects in an Amazon S3 bucket using the temp creds.
        Region region = Region.US_EAST_1;
        S3Client s3 = S3Client.builder().credentialsProvider(StaticCredentialsProvider.create(AwsSessionCredentials.create(key, secKey, secToken))).region(region).build();
        System.out.println("Created a S3Client using temp credentials.");
        System.out.println("Listing objects in " + bucketName);
        ListObjectsRequest listObjects = ListObjectsRequest.builder().bucket(bucketName).build();
        ListObjectsResponse res = s3.listObjects(listObjects);
        List<S3Object> objects = res.contents();
        for (S3Object myValue : objects) {
            System.out.println("The name of the key is " + myValue.key());
            System.out.println("The owner is " + myValue.owner());
        }
    } catch (StsException e) {
        System.err.println(e.getMessage());
        System.exit(1);
    }
}
Also used : StsClient(software.amazon.awssdk.services.sts.StsClient) AssumeRoleRequest(software.amazon.awssdk.services.sts.model.AssumeRoleRequest) ListObjectsRequest(software.amazon.awssdk.services.s3.model.ListObjectsRequest) StsException(software.amazon.awssdk.services.sts.model.StsException) AssumeRoleResponse(software.amazon.awssdk.services.sts.model.AssumeRoleResponse) Region(software.amazon.awssdk.regions.Region) ListObjectsResponse(software.amazon.awssdk.services.s3.model.ListObjectsResponse) S3Object(software.amazon.awssdk.services.s3.model.S3Object) S3Client(software.amazon.awssdk.services.s3.S3Client) AwsSessionCredentials(software.amazon.awssdk.auth.credentials.AwsSessionCredentials) Credentials(software.amazon.awssdk.services.sts.model.Credentials)

Example 2 with AssumeRoleRequest

Use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project aws-doc-sdk-examples by awsdocs.

Class AssumeRole, method assumeGivenRole.

// snippet-start:[sts.java2.assume_role.main]
public static void assumeGivenRole(StsClient stsClient, String roleArn, String roleSessionName) {
    try {
        AssumeRoleRequest roleRequest = AssumeRoleRequest.builder().roleArn(roleArn).roleSessionName(roleSessionName).build();
        AssumeRoleResponse roleResponse = stsClient.assumeRole(roleRequest);
        Credentials myCreds = roleResponse.credentials();
        // Display the time when the temp creds expire
        Instant exTime = myCreds.expiration();
        String tokenInfo = myCreds.sessionToken();
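        // Convert the Instant to a readable date; keep the formatted string instead of discarding it.
        DateTimeFormatter formatter = DateTimeFormatter.ofLocalizedDateTime(FormatStyle.SHORT).withLocale(Locale.US).withZone(ZoneId.systemDefault());
        String formattedExpiry = formatter.format(exTime);
        // The session token is part of the temporary credentials; this sample prints it for demonstration.
        System.out.println("The token " + tokenInfo + "  expires on " + formattedExpiry);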
    } catch (StsException e) {
        System.err.println(e.getMessage());
        System.exit(1);
    }
}
Also used : AssumeRoleRequest(software.amazon.awssdk.services.sts.model.AssumeRoleRequest) StsException(software.amazon.awssdk.services.sts.model.StsException) AssumeRoleResponse(software.amazon.awssdk.services.sts.model.AssumeRoleResponse) Instant(java.time.Instant) DateTimeFormatter(java.time.format.DateTimeFormatter) Credentials(software.amazon.awssdk.services.sts.model.Credentials)

Example 3 with AssumeRoleRequest

Use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project uploader by smoketurner.

Class AwsConfiguration, method getCredentials.

@JsonIgnore
public AwsCredentialsProvider getCredentials() {
    final AwsCredentialsProvider credentials;
    if (!Strings.isNullOrEmpty(accessKey) && !Strings.isNullOrEmpty(secretKey)) {
        credentials = StaticCredentialsProvider.create(AwsBasicCredentials.create(accessKey, secretKey));
    } else {
        credentials = DefaultCredentialsProvider.create();
    }
    if (Strings.isNullOrEmpty(stsRoleArn)) {
        return credentials;
    }
    final StsClient stsClient = StsClient.builder().credentialsProvider(credentials).region(region).build();
    final AssumeRoleRequest assumeRoleRequest = AssumeRoleRequest.builder().roleArn(stsRoleArn).build();
    return StsAssumeRoleCredentialsProvider.builder().stsClient(stsClient).refreshRequest(assumeRoleRequest).build();
}
Also used : StsClient(software.amazon.awssdk.services.sts.StsClient) AssumeRoleRequest(software.amazon.awssdk.services.sts.model.AssumeRoleRequest) AwsCredentialsProvider(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore)

Example 4 with AssumeRoleRequest

Use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project pravega by pravega.

Class S3SimpleStorageFactory, method getRoleCredentialsProvider.

private static AwsCredentialsProvider getRoleCredentialsProvider(String roleArn, String roleSessionName) {
    AssumeRoleRequest assumeRoleRequest = AssumeRoleRequest.builder().roleArn(roleArn).roleSessionName(roleSessionName).build();
    StsClient stsClient = StsClient.builder().build();
    return StsAssumeRoleCredentialsProvider.builder().stsClient(stsClient).refreshRequest(assumeRoleRequest).asyncCredentialUpdateEnabled(true).build();
}
Also used : AssumeRoleRequest(software.amazon.awssdk.services.sts.model.AssumeRoleRequest) StsClient(software.amazon.awssdk.services.sts.StsClient)

Example 5 with AssumeRoleRequest

Use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project beam by apache.

Class AwsModuleTest, method testStsAssumeRoleCredentialsProviderSerializationDeserialization.

@Test
public void testStsAssumeRoleCredentialsProviderSerializationDeserialization() throws Exception {
    AssumeRoleRequest req = AssumeRoleRequest.builder().roleArn("roleArn").policy("policy").build();
    Supplier<AwsCredentialsProvider> provider = () -> StsAssumeRoleCredentialsProvider.builder().stsClient(StsClient.create()).refreshRequest(req).build();
    Properties overrides = new Properties();
    overrides.setProperty(AWS_REGION.property(), Regions.US_EAST_1.getName());
    overrides.setProperty(AWS_ACCESS_KEY_ID.property(), "key");
    overrides.setProperty(AWS_SECRET_ACCESS_KEY.property(), "secret");
    // Region and credentials for STS client are resolved using default providers
    AwsCredentialsProvider deserializedProvider = withSystemPropertyOverrides(overrides, () -> serializeAndDeserialize(provider.get()));
    Supplier<AssumeRoleRequest> requestSupplier = (Supplier<AssumeRoleRequest>) readField(deserializedProvider, "assumeRoleRequestSupplier", true);
    assertThat(requestSupplier.get()).isEqualTo(req);
}
Also used : AssumeRoleRequest(software.amazon.awssdk.services.sts.model.AssumeRoleRequest) AwsCredentialsProvider(software.amazon.awssdk.auth.credentials.AwsCredentialsProvider) ThrowingSupplier(org.apache.beam.sdk.util.ThrowingSupplier) Supplier(java.util.function.Supplier) Properties(java.util.Properties) Test(org.junit.Test)
