AWS SDK for Go (PILOT)
API Reference

PREVIEW DOCUMENTATION - This is a preview of a new format for the AWS SDK for Go API Reference documentation. For the current AWS SDK for Go API Reference, see https://docs.aws.amazon.com/sdk-for-go/api/.

We welcome your feedback on this new version of the documentation. Send your comments to aws-sdkdocs-feedback@amazon.com.

ErrCodeExpiredTokenException - ErrCodeRegionDisabledException

import "github.com/aws/aws-sdk-go/service/sts"

const ( ErrCodeExpiredTokenException = "ExpiredTokenException" ErrCodeIDPCommunicationErrorException = "IDPCommunicationError" ErrCodeIDPRejectedClaimException = "IDPRejectedClaim" ErrCodeInvalidAuthorizationMessageException = "InvalidAuthorizationMessageException" ErrCodeInvalidIdentityTokenException = "InvalidIdentityToken" ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument" ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge" ErrCodeRegionDisabledException = "RegionDisabledException" )

ErrCodeExpiredTokenException

ErrCodeExpiredTokenException for service response error code "ExpiredTokenException".

The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.

ErrCodeIDPCommunicationErrorException

ErrCodeIDPCommunicationErrorException for service response error code "IDPCommunicationError".

The request could not be fulfilled because the non-AWS identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the non-AWS identity provider might be down or not responding.

ErrCodeIDPRejectedClaimException

ErrCodeIDPRejectedClaimException for service response error code "IDPRejectedClaim".

The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid.

If this error is returned for the AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired or has been explicitly revoked.

ErrCodeInvalidAuthorizationMessageException

ErrCodeInvalidAuthorizationMessageException for service response error code "InvalidAuthorizationMessageException".

The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks.

ErrCodeInvalidIdentityTokenException

ErrCodeInvalidIdentityTokenException for service response error code "InvalidIdentityToken".

The web identity token that was passed could not be validated by AWS. Get a new identity token from the identity provider and then retry the request.

ErrCodeMalformedPolicyDocumentException

ErrCodeMalformedPolicyDocumentException for service response error code "MalformedPolicyDocument".

The request was rejected because the policy document was malformed. The error message describes the specific error.

ErrCodePackedPolicyTooLargeException

ErrCodePackedPolicyTooLargeException for service response error code "PackedPolicyTooLarge".

The request was rejected because the policy document was too large. The error message describes how big the policy document is, in packed form, as a percentage of what the API allows.

ErrCodeRegionDisabledException

ErrCodeRegionDisabledException for service response error code "RegionDisabledException".

STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see Activating and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

On this page: