Description Usage Arguments Details Value References Examples
Get a temporary credentials (i.e., a Session Token)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | get_session_token(duration = 900, id, code, tags, use = FALSE, ...)
get_federation_token(
duration = 900,
name,
policy,
policy_arns,
use = FALSE,
...
)
get_caller_identity(...)
assume_role(
role,
session,
duration,
id,
code,
externalid,
policy,
tags,
transitive.tags,
use = FALSE,
...
)
|
duration |
numeric, optional, duration for which the credentials should be valid, in seconds, between 900 and 129600. If not set, the back-end can decided. |
id |
string, optional, the serial number or Amazon Resource Number for a multi-factor authentication (MFA) device. |
code |
If |
tags |
named character vector or named list of scalars, optional, if specified then the supplied key/value pairs (names are keys) are passed as session tags. |
use |
logical (default |
... |
Additional arguments passed to |
name |
The name of the federated user. |
policy |
string, optional, specifying a JSON-formatted inline
session policy. Note that for |
policy_arns |
character vector, optional, list of ARNs of IAM managed policies to use as session policy. |
role |
string, role ARN or an object of class “iam_role”. |
session |
string, name of the temporary session, can be arbitrary and is mainly used to disambiguate multiple sessions using the same role. |
externalid |
A unique identifier that is used by third parties when assuming roles in their customers' accounts. |
transitive.tags |
character vector, optional, specifies names of the session tags which will be passed to subsequent sessions in the role chain. |
get_caller_identity
returns the account ID and ARN
for the currently credentialled user. This can be used to
confirm that an assumed role has indeed been assumed.
get_session_token
and get_federation_token
generate and return temporary credentials.
Details about the underlying behavior of the various API endpoints can be found at Requesting Temporary Security Credentials.
A list.
API Reference: GetCallerIdentity API Reference: GetSessionToken API Reference: GetFederationToken API Reference: AssumeRole API Reference: AssumeRoleWithSAML API Reference: AssumeRoleWithWebIdentity
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | ## Not run:
get_caller_identity() # check current identity
x <- get_session_token() # get token (T1) but do not use
set_credentials(x) # now use those credentials
# assume a role
r <- assume_role("arn:aws:iam::111111111111:role/my-role", "test", use=TRUE)
get_caller_identity() # check that the role has been assumed
restore_credentials() # return to credentials of T1
restore_credentials() # return to root credentials
get_caller_identity() # check identity, again
get_federation_token(name="Bob",
policy_arns="arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess",
use=TRUE)
aws.s3::bucketlist()
restore_credentials() # back to root
## End(Not run)
|
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.