API for IAM Roles Anywhere¶
| ABAP Package | /AWS1/API_RLA |
|---|---|
| ABAP SDK "TLA" | RLA |
| ABAP Interface | /AWS1/IF_RLA |
The "TLA" is a Three Letter Abbreviation that appears in ABAP class names, data dictionary
objects and other ABAP objects throughout the AWS SDK for SAP ABAP. The TLA for IAM Roles Anywhere is RLA.
This TLA helps squeeze ABAP objects into the 30-character length limit of the ABAP data dictionary.
Installation¶
To install the AWS SDK for SAP ABAP, import the Core transport, along with the transport for the RolesAnywhere module and other API modules you are interested in. A few modules are included in the Core transport itself. For more information, see the Developer Guide guide.
About The Service¶
AWS Identity and Access Management Roles Anywhere provides a secure way for your workloads such as servers, containers, and applications running outside of AWS to obtain Temporary AWS credentials. Your workloads can use the same IAM policies and roles that you have configured with native AWS applications to access AWS resources. Using IAM Roles Anywhere will eliminate the need to manage long term credentials for workloads running outside of AWS.
To use IAM Roles Anywhere customer workloads will need to use X.509 certificates issued by their Certificate Authority (CA) . The Certificate Authority (CA) needs to be registered with IAM Roles Anywhere as a trust anchor to establish trust between customer PKI and IAM Roles Anywhere. Customers who do not manage their own PKI system can use AWS Certificate Manager Private Certificate Authority (ACM PCA) to create a Certificate Authority and use that to establish trust with IAM Roles Anywhere
This guide describes the IAM rolesanywhere operations that you can call programmatically. For general information about IAM Roles Anywhere see https://docs.aws.amazon.com/
Using the SDK¶
In your code, create a client using the SDK module for IAM Roles Anywhere, which is created with
factory method /AWS1/CL_RLA_FACTORY=>CREATE().
In this example we will assume you have configured
an SDK profile in transaction /AWS1/IMG called ZFINANCE.
DATA(go_session) = /aws1/cl_rt_session_aws=>create( 'ZFINANCE' ).
DATA(go_rla) = /aws1/cl_rla_factory=>create( go_session ).
Your variable go_rla is an instance of /AWS1/IF_RLA,
and all of the operations
in the IAM Roles Anywhere service are accessed by calling methods in /AWS1/IF_RLA.
API Operations¶
For an overview of ABAP method calls corresponding to API operations in IAM Roles Anywhere, see the Operation List.
Factory Method¶
/AWS1/CL_RLA_FACTORY=>CREATE( )¶
Creates an object of type /AWS1/IF_RLA.
IMPORTING¶
Required arguments:¶
IO_SESSION TYPE REF TO /AWS1/CL_RT_SESSION_BASE¶
Optional arguments:¶
IV_PROTOCOL TYPE /AWS1/RT_PROTOCOL¶
IV_REGION TYPE /AWS1/RT_REGION_ID¶
IV_CUSTOM_ENDPOINT TYPE /AWS1/RT_ENDPOINT¶
RETURNING¶
OO_CLIENT TYPE REF TO /AWS1/IF_RLA¶
/AWS1/IF_RLArepresents the ABAP client for the RolesAnywhere service, representing each operation as a method call. For more information see the API Page page.