GetManagedEndpointSessionCredentials - Amazon EMR on EKS

GetManagedEndpointSessionCredentials

Generate a session token to connect to a managed endpoint.

Request Syntax

POST /virtualclusters/virtualClusterId/endpoints/endpointId/credentials HTTP/1.1 Content-type: application/json { "clientToken": "string", "credentialType": "string", "durationInSeconds": number, "executionRoleArn": "string", "logContext": "string" }

URI Request Parameters

The request uses the following URI parameters.

endpointId

The ARN of the managed endpoint for which the request is submitted.

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: .*\S.*

Required: Yes

virtualClusterId

The ARN of the Virtual Cluster which the Managed Endpoint belongs to.

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: .*\S.*

Required: Yes

Request Body

The request accepts the following data in JSON format.

clientToken

The client idempotency token of the job run request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: .*\S.*

Required: No

credentialType

Type of the token requested. Currently supported and default value of this field is “TOKEN.”

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: ^.*\S.*$

Required: Yes

durationInSeconds

Duration in seconds for which the session token is valid. The default duration is 15 minutes and the maximum is 12 hours.

Type: Integer

Required: No

executionRoleArn

The IAM Execution Role ARN that will be used by the job run.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:(aws[a-zA-Z0-9-]*):iam::(\d{12})?:(role((\u002F)|(\u002F[\u0021-\u007F]+\u002F))[\w+=,.@-]+)$

Required: Yes

logContext

String identifier used to separate sections of the execution logs uploaded to S3.

Type: String

Length Constraints: Minimum length of 3. Maximum length of 63.

Pattern: ^((?!.*-s3alias)(?!xn--.*)[a-z0-9][-a-z0-9.]*)?[a-z0-9]$

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "credentials": { ... }, "expiresAt": "string", "id": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

credentials

The structure containing the session credentials.

Type: Credentials object

Note: This object is a Union. Only one member of this object can be specified or returned.

expiresAt

The date and time when the session token will expire.

Type: Timestamp

id

The identifier of the session token returned.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [0-9a-z]+

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServerException

This is an internal server exception.

HTTP Status Code: 500

RequestThrottledException

The request throttled.

HTTP Status Code: 400

ResourceNotFoundException

The specified resource was not found.

HTTP Status Code: 400

ValidationException

There are invalid parameters in the client request.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: