Example usage for com.amazonaws.services.securitytoken AWSSecurityTokenServiceClient assumeRole

List of usage examples for com.amazonaws.services.securitytoken AWSSecurityTokenServiceClient assumeRole

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.securitytoken.*
  5. AWSSecurityTokenServiceClient
  6. assumeRole

Introduction

In this page you can find the example usage for com.amazonaws.services.securitytoken AWSSecurityTokenServiceClient assumeRole.

Prototype

@Override
public AssumeRoleResult assumeRole(AssumeRoleRequest request)

Source Link

Document

Returns a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to.

Usage

From source file:org.jets3t.service.security.AWSRoleSessionCredentials.java

License:Apache License

private void assumeRoleAndGetCredentials() {
    int defaultRequestedExpiryTimeInMinutes = jets3tProperties
            .getIntProperty("aws.session-credentials.expiry-time.to-be-requested", 60);
    com.amazonaws.auth.AWSCredentials awsCredentials = new BasicAWSCredentials(iamAccessKey, iamSecretKey);
    AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(awsCredentials);
    AssumeRoleRequest assumeRequest = new AssumeRoleRequest().withRoleArn(roleToBeAssumed)
            .withDurationSeconds(defaultRequestedExpiryTimeInMinutes * 60)
            .withRoleSessionName(DEFAULT_SESSION_NAME);
    if (externalId != null) {
        assumeRequest = assumeRequest.withExternalId(externalId);
    }//from w w w . ja v a2s  .c om
    AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest);
    this.accessKey = assumeResult.getCredentials().getAccessKeyId();
    this.secretKey = assumeResult.getCredentials().getSecretAccessKey();
    this.sessionToken = assumeResult.getCredentials().getSessionToken();
    this.expirationDate = assumeResult.getCredentials().getExpiration();
}

From source file:org.zalando.stups.fullstop.plugin.example.ExamplePlugin.java

License:Apache License

private AmazonEC2Client getClientForAccount(final String accountId, final Region region) {
    AWSSecurityTokenServiceClient stsClient = new AWSSecurityTokenServiceClient(
            new ProfileCredentialsProvider());

    AssumeRoleRequest assumeRequest = new AssumeRoleRequest()
            .withRoleArn("arn:aws:iam::ACCOUNT_ID:role/fullstop-role").withDurationSeconds(3600)
            .withRoleSessionName("fullstop-role");

    AssumeRoleResult assumeResult = stsClient.assumeRole(assumeRequest);

    BasicSessionCredentials temporaryCredentials = new BasicSessionCredentials(
            assumeResult.getCredentials().getAccessKeyId(), assumeResult.getCredentials().getSecretAccessKey(),
            assumeResult.getCredentials().getSessionToken());

    AmazonEC2Client amazonEC2Client = new AmazonEC2Client(temporaryCredentials);
    amazonEC2Client.setRegion(region);//from w  w w.  j  av a 2 s  .  com

    return amazonEC2Client;
}