@aws-lite/sts
v0.1.2
Published
Official `aws-lite` plugin for STS
Downloads
64
Readme
@aws-lite/sts
Official
aws-lite
plugin for STS
Maintained by: @architect
Install
npm i @aws-lite/sts
Optionally install types:
npm i -D @aws-lite/sts-types
Reference
Reference documentation with examples at aws-lite.org
Reference
Reference documentation with examples at aws-lite.org
Methods
AssumeRole
Properties:
RoleArn
(string) [required]- ARN of the role to assume
RoleSessionName
(string) [required]- Identifier for the assumed role session; must conform to
[w+=,.@-]*
- Identifier for the assumed role session; must conform to
DurationSeconds
(number)- Duration of the role session; from
900
to43200
- Duration of the role session; from
ExternalId
(string)- Unique identifier that might be required when assuming a role in another account
Policy
(string)- JSON IAM policy document to use as an inline session policy
PolicyArns
(array)- ARNs of the IAM managed policies to use
ProvidedContexts
(array)- List of previously acquired trusted context assertions in the format of a JSON array
- More details (AWS)
SerialNumber
(string)- MFA device ID associated with the user making the call
SourceIdentity
(string)- Source identity specified by the principal making the call
Tags
(array)- Session tags; each tag is an object containing a
Key
andValue
property
- Session tags; each tag is an object containing a
TokenCode
(string)- MFA value (if required by the role's trust policy)
TransitiveTagKeys
(array)- Session tags, set as transitive to subsequent sessions in the role chain
- More details (AWS)
AssumeRoleWithSAML
Properties:
RoleArn
(string) [required]- ARN of the role to assume
PrincipalArn
(string) [required]- ARN of the SAML provider that describes the IdP
SAMLAssertion
(string) [required]- base64-encoded SAML authentication response provided by the IdP
DurationSeconds
(number)- Duration of the role session; from
900
to43200
- Duration of the role session; from
Policy
(string)- JSON IAM policy document to use as an inline session policy
PolicyArns
(array)- ARNs of the IAM managed policies to use
AssumeRoleWithWebIdentity
Properties:
RoleArn
(string) [required]- ARN of the role to assume
RoleSessionName
(string) [required]- Identifier for the assumed role session; must conform to
[w+=,.@-]*
- Identifier for the assumed role session; must conform to
WebIdentityToken
(string) [required]- OAuth 2.0 access token or OpenID Connect ID token provided by the IdP
DurationSeconds
(number)- Duration of the role session; from
900
to43200
- Duration of the role session; from
ProviderId
(string)- Fully qualified host of the domain name of the OAuth 2.0 IdP; do not specify this value for an OpenID Connect identity provider
Policy
(string)- JSON IAM policy document to use as an inline session policy
PolicyArns
(array)- ARNs of the IAM managed policies to use
DecodeAuthorizationMessage
Properties:
EncodedMessage
(string) [required]- Encoded message returned with the response
GetAccessKeyInfo
Properties:
AccessKeyId
(string) [required]- AWS access key to query
GetCallerIdentity
Properties:
GetFederationToken
Properties:
Name
(string) [required]- Name of the federated user
DurationSeconds
(number)- Duration of the role session; from
900
to43200
- Duration of the role session; from
Policy
(string)- JSON IAM policy document to use as an inline session policy
PolicyArns
(array)- ARNs of the IAM managed policies to use
Tags
(array)- Session tags; each tag is an object containing a
Key
andValue
property
- Session tags; each tag is an object containing a
GetSessionToken
Properties:
DurationSeconds
(number)- Duration of the role session; from
900
to43200
- Duration of the role session; from
SerialNumber
(string)- MFA device ID associated with the user making the call
TokenCode
(string)- MFA value (if required by the role's trust policy)