AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
For example, if a user is not authorized to perform an action that he or she has requested,
the request returns a Client.UnauthorizedOperation
response (an HTTP
403 response). Some AWS actions additionally return an encoded message that can provide
details about this authorization failure.
The message is encoded because the details of the authorization status can constitute
privileged information that the user who requested the action should not see. To decode
an authorization status message, a user must be granted permissions via an IAM policy
to request the DecodeAuthorizationMessage
(sts:DecodeAuthorizationMessage
)
action.
The decoded message includes the following type of information:
Namespace: Amazon.SecurityToken
Assembly: AWSSDK.dll
Version: (assembly version)
public abstract DecodeAuthorizationMessageResponse DecodeAuthorizationMessage( DecodeAuthorizationMessageRequest request )
Container for the necessary parameters to execute the DecodeAuthorizationMessage service method.
Exception | Condition |
---|---|
InvalidAuthorizationMessageException | The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks. |
.NET Framework:
Supported in: 4.5, 4.0, 3.5