lakeformation_assume_decorated_role_with_saml: Allows a caller to assume an IAM role decorated as the SAML...
In paws.database: 'Amazon Web Services' Database Services
View source: R/lakeformation_operations.R
lakeformation_assume_decorated_role_with_saml R Documentation
Allows a caller to assume an IAM role decorated as the SAML user
specified in the SAML assertion included in the request
Description
Allows a caller to assume an IAM role decorated as the SAML user specified in the SAML assertion included in the request. This decoration allows Lake Formation to enforce access policies against the SAML users and groups. This API operation requires SAML federation setup in the caller’s account as it can only be called with valid SAML assertions. Lake Formation does not scope down the permission of the assumed role. All permissions attached to the role via the SAML federation setup will be included in the role session.
See https://www.paws-r-sdk.com/docs/lakeformation_assume_decorated_role_with_saml/ for full documentation.
Usage
lakeformation_assume_decorated_role_with_saml(
SAMLAssertion,
RoleArn,
PrincipalArn,
DurationSeconds = NULL
)
Arguments
SAMLAssertion
[required] A SAML assertion consisting of an assertion statement for the user who
needs temporary credentials. This must match the SAML assertion that was
issued to IAM. This must be Base64 encoded.
RoleArn
[required] The role that represents an IAM principal whose scope down policy allows
it to call credential vending APIs such as
GetTemporaryTableCredentials. The caller must also have iam:PassRole
permission on this role.
PrincipalArn
[required] The Amazon Resource Name (ARN) of the SAML provider in IAM that
describes the IdP.
DurationSeconds
The time period, between 900 and 43,200 seconds, for the timeout of the
temporary credentials.
paws.database documentation built on Sept. 12, 2024, 6:37 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
View source: R/lakeformation_operations.R
| lakeformation_assume_decorated_role_with_saml | R Documentation |
Allows a caller to assume an IAM role decorated as the SAML user specified in the SAML assertion included in the request
Description
Allows a caller to assume an IAM role decorated as the SAML user specified in the SAML assertion included in the request. This decoration allows Lake Formation to enforce access policies against the SAML users and groups. This API operation requires SAML federation setup in the caller’s account as it can only be called with valid SAML assertions. Lake Formation does not scope down the permission of the assumed role. All permissions attached to the role via the SAML federation setup will be included in the role session.
See https://www.paws-r-sdk.com/docs/lakeformation_assume_decorated_role_with_saml/ for full documentation.
Usage
lakeformation_assume_decorated_role_with_saml(
SAMLAssertion,
RoleArn,
PrincipalArn,
DurationSeconds = NULL
)
Arguments
SAMLAssertion |
[required] A SAML assertion consisting of an assertion statement for the user who needs temporary credentials. This must match the SAML assertion that was issued to IAM. This must be Base64 encoded. |
RoleArn |
[required] The role that represents an IAM principal whose scope down policy allows
it to call credential vending APIs such as
|
PrincipalArn |
[required] The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP. |
DurationSeconds |
The time period, between 900 and 43,200 seconds, for the timeout of the temporary credentials. |
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.