use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project aws-doc-sdk-examples by awsdocs.
the class IAMScenario method assumeGivenRole.
// Invoke an Amazon S3 operation using the Assumed Role.
public static void assumeGivenRole(String roleArn, String roleSessionName, String bucketName) {
StsClient stsClient = StsClient.builder().region(Region.US_EAST_1).build();
try {
AssumeRoleRequest roleRequest = AssumeRoleRequest.builder().roleArn(roleArn).roleSessionName(roleSessionName).build();
AssumeRoleResponse roleResponse = stsClient.assumeRole(roleRequest);
Credentials myCreds = roleResponse.credentials();
String key = myCreds.accessKeyId();
String secKey = myCreds.secretAccessKey();
String secToken = myCreds.sessionToken();
// List all objects in an Amazon S3 bucket using the temp creds.
Region region = Region.US_EAST_1;
S3Client s3 = S3Client.builder().credentialsProvider(StaticCredentialsProvider.create(AwsSessionCredentials.create(key, secKey, secToken))).region(region).build();
System.out.println("Created a S3Client using temp credentials.");
System.out.println("Listing objects in " + bucketName);
ListObjectsRequest listObjects = ListObjectsRequest.builder().bucket(bucketName).build();
ListObjectsResponse res = s3.listObjects(listObjects);
List<S3Object> objects = res.contents();
for (S3Object myValue : objects) {
System.out.println("The name of the key is " + myValue.key());
System.out.println("The owner is " + myValue.owner());
}
} catch (StsException e) {
System.err.println(e.getMessage());
System.exit(1);
}
}
use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project aws-doc-sdk-examples by awsdocs.
the class AssumeRole method assumeGivenRole.
// snippet-start:[sts.java2.assume_role.main]
public static void assumeGivenRole(StsClient stsClient, String roleArn, String roleSessionName) {
try {
AssumeRoleRequest roleRequest = AssumeRoleRequest.builder().roleArn(roleArn).roleSessionName(roleSessionName).build();
AssumeRoleResponse roleResponse = stsClient.assumeRole(roleRequest);
Credentials myCreds = roleResponse.credentials();
// Display the time when the temp creds expire
Instant exTime = myCreds.expiration();
String tokenInfo = myCreds.sessionToken();
// Convert the Instant to readable date
DateTimeFormatter formatter = DateTimeFormatter.ofLocalizedDateTime(FormatStyle.SHORT).withLocale(Locale.US).withZone(ZoneId.systemDefault());
formatter.format(exTime);
System.out.println("The token " + tokenInfo + " expires on " + exTime);
} catch (StsException e) {
System.err.println(e.getMessage());
System.exit(1);
}
}
use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project uploader by smoketurner.
the class AwsConfiguration method getCredentials.
@JsonIgnore
public AwsCredentialsProvider getCredentials() {
final AwsCredentialsProvider credentials;
if (!Strings.isNullOrEmpty(accessKey) && !Strings.isNullOrEmpty(secretKey)) {
credentials = StaticCredentialsProvider.create(AwsBasicCredentials.create(accessKey, secretKey));
} else {
credentials = DefaultCredentialsProvider.create();
}
if (Strings.isNullOrEmpty(stsRoleArn)) {
return credentials;
}
final StsClient stsClient = StsClient.builder().credentialsProvider(credentials).region(region).build();
final AssumeRoleRequest assumeRoleRequest = AssumeRoleRequest.builder().roleArn(stsRoleArn).build();
return StsAssumeRoleCredentialsProvider.builder().stsClient(stsClient).refreshRequest(assumeRoleRequest).build();
}
use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project pravega by pravega.
the class S3SimpleStorageFactory method getRoleCredentialsProvider.
private static AwsCredentialsProvider getRoleCredentialsProvider(String roleArn, String roleSessionName) {
AssumeRoleRequest assumeRoleRequest = AssumeRoleRequest.builder().roleArn(roleArn).roleSessionName(roleSessionName).build();
StsClient stsClient = StsClient.builder().build();
return StsAssumeRoleCredentialsProvider.builder().stsClient(stsClient).refreshRequest(assumeRoleRequest).asyncCredentialUpdateEnabled(true).build();
}
use of software.amazon.awssdk.services.sts.model.AssumeRoleRequest in project beam by apache.
the class AwsModuleTest method testStsAssumeRoleCredentialsProviderSerializationDeserialization.
@Test
public void testStsAssumeRoleCredentialsProviderSerializationDeserialization() throws Exception {
AssumeRoleRequest req = AssumeRoleRequest.builder().roleArn("roleArn").policy("policy").build();
Supplier<AwsCredentialsProvider> provider = () -> StsAssumeRoleCredentialsProvider.builder().stsClient(StsClient.create()).refreshRequest(req).build();
Properties overrides = new Properties();
overrides.setProperty(AWS_REGION.property(), Regions.US_EAST_1.getName());
overrides.setProperty(AWS_ACCESS_KEY_ID.property(), "key");
overrides.setProperty(AWS_SECRET_ACCESS_KEY.property(), "secret");
// Region and credentials for STS client are resolved using default providers
AwsCredentialsProvider deserializedProvider = withSystemPropertyOverrides(overrides, () -> serializeAndDeserialize(provider.get()));
Supplier<AssumeRoleRequest> requestSupplier = (Supplier<AssumeRoleRequest>) readField(deserializedProvider, "assumeRoleRequestSupplier", true);
assertThat(requestSupplier.get()).isEqualTo(req);
}
Aggregations