Identifiers for the temporary security credentials that the AssumeRole action returns.
Container for the parameters to the AssumeRole operation.
The AssumeRole action returns a set of temporary security credentials that you can use to access resources that are defined in the role's policy. The returned credentials consist of an Access Key ID, a Secret Access Key, and a security token.
Important: Only IAM users can assume a role. If you use AWS account credentials to call AssumeRole, access is denied.
The credentials are valid for the duration that you specified when calling AssumeRole , which can be from 15 minutes to 1 hour.
When you assume a role, you have the privileges that are defined in the role. You can further restrict the privileges by passing a policy when calling AssumeRole .
To assume a role, you must be an IAM user from a trusted entity and have permission to call AssumeRole . Trusted entites are defined when the IAM role is created. Permission to call AssumeRole is defined in your or your group's IAM policy.
Returns information about the AssumeRoleResult response and response metadata.
Contains the result of a successful invocation of the AssumeRole action.
AWS credentials for API authentication.
Identifiers for the federated user associated with the credentials.
Container for the parameters to the GetFederationToken operation.
The GetFederationToken action returns a set of temporary credentials for a federated user with the user name and policy specified in the request. The credentials consist of an Access Key ID, a Secret Access Key, and a security token. Credentials created by IAM users are valid for the specified duration, between 15 minutes and 36 hours; credentials created using account credentials have a maximum duration of one hour.
The federated user who holds these credentials has any permissions allowed by the intersection of the specified policy and any resource or user policies that apply to the caller of the GetFederationToken API, and any resource policies that apply to the federated user's Amazon Resource Name (ARN). For more information about how token permissions work, see Controlling Permissions in Temporary Credentials in Using IAM . For information about using GetFederationToken to create temporary credentials, see Creating Temporary Credentials to Enable Access for Federated Users in Using IAM .
Returns information about the GetFederationTokenResult response and response metadata.
Contains the result of a successful invocation of the GetFederationToken action.
Container for the parameters to the GetSessionToken operation.
The GetSessionToken action returns a set of temporary credentials for an AWS account or IAM user. The credentials consist of an Access Key ID, a Secret Access Key, and a security token. These credentials are valid for the specified duration only. The session duration for IAM users can be between 15 minutes and 36 hours, with a default of 12 hours. The session duration for AWS account owners is restricted to a maximum of one hour. Providing the AWS Multi-Factor Authentication (MFA) device serial number and the token code is optional.
For more information about using GetSessionToken to create temporary credentials, go to Creating Temporary Credentials to Enable Access for IAM Users in Using IAM .
Returns information about the GetSessionTokenResult response and response metadata.
Contains the result of a successful invocation of the GetSessionToken action.