List of usage examples for com.amazonaws.services.securitytoken AWSSecurityTokenServiceClient AWSSecurityTokenServiceClient
AWSSecurityTokenServiceClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled)
From source file:com.netflix.ice.common.AwsUtils.java
License:Apache License
/** * This method must be called before all methods can be used. * @param credentialsProvider/*from w w w.j a v a 2 s .c o m*/ */ public static void init(AWSCredentialsProvider credentialsProvider) { awsCredentialsProvider = credentialsProvider; clientConfig = new ClientConfiguration(); String proxyHost = System.getProperty("https.proxyHost"); String proxyPort = System.getProperty("https.proxyPort"); if (proxyHost != null && proxyPort != null) { clientConfig.setProxyHost(proxyHost); clientConfig.setProxyPort(Integer.parseInt(proxyPort)); } s3Client = new AmazonS3Client(awsCredentialsProvider, clientConfig); securityClient = new AWSSecurityTokenServiceClient(awsCredentialsProvider, clientConfig); if (System.getProperty("EC2_REGION") != null && !"us-east-1".equals(System.getProperty("EC2_REGION"))) { if ("global".equals(System.getProperty("EC2_REGION"))) { s3Client.setEndpoint("s3.amazonaws.com"); } else { s3Client.setEndpoint("s3-" + System.getProperty("EC2_REGION") + ".amazonaws.com"); } } }
From source file:com.netflix.simianarmy.aws.STSAssumeRoleSessionCredentialsProvider.java
License:Apache License
/** * Constructs a new STSAssumeRoleSessionCredentialsProvider, which will use * the specified long lived AWS credentials to make a request to the AWS * Security Token Service (STS), uses the provided {@link #roleArn} to * assume a role and then request short lived session credentials, which * will then be returned by this class's {@link #getCredentials()} method. * @param longLivedCredentials/* w w w .j ava 2s . co m*/ * The main AWS credentials for a user's account. * @param roleArn * The AWS ARN of the Role to be assumed. * @param clientConfiguration * Client configuration connection parameters. */ public STSAssumeRoleSessionCredentialsProvider(AWSCredentials longLivedCredentials, String roleArn, ClientConfiguration clientConfiguration) { this.roleArn = roleArn; securityTokenService = new AWSSecurityTokenServiceClient(longLivedCredentials, clientConfiguration); }
From source file:com.netflix.simianarmy.aws.STSAssumeRoleSessionCredentialsProvider.java
License:Apache License
/** * Constructs a new STSAssumeRoleSessionCredentialsProvider, which will use * the specified credentials provider (which vends long lived AWS * credentials) to make a request to the AWS Security Token Service (STS), * uses the provided {@link #roleArn} to assume a role and then request * short lived session credentials, which will then be returned by this * class's {@link #getCredentials()} method. * @param longLivedCredentialsProvider/*from www . j a v a 2s . c o m*/ * Credentials provider for the main AWS credentials for a user's * account. * @param roleArn * The AWS ARN of the Role to be assumed. * @param clientConfiguration * Client configuration connection parameters. */ public STSAssumeRoleSessionCredentialsProvider(AWSCredentialsProvider longLivedCredentialsProvider, String roleArn, ClientConfiguration clientConfiguration) { this.roleArn = roleArn; securityTokenService = new AWSSecurityTokenServiceClient(longLivedCredentialsProvider, clientConfiguration); }
From source file:de.is24.aws.instancemetadataserver.AwsClientFactory.java
License:Apache License
public AWSSecurityTokenService awsSecurityTokenService() { return new AWSSecurityTokenServiceClient(credentials, CLIENT_CONFIGURATION); }
From source file:io.fineo.client.auth.CognitoCredentialsProvider.java
License:Open Source License
/** * Constructs a new {@link CognitoCredentialsProvider}, which will use the * specified Amazon Cognito identity pool to make a request, using the basic * authentication flow, to the AWS Security Token Service (STS) to request * short-lived session credentials, which will then be returned by this * class's {@link #getCredentials()} method. * <p>/*w w w.j av a2s.c o m*/ * This version of the constructor allows you to specify a client * configuration for the Amazon Cognito and STS clients. * </p> * * @param accountId The AWS accountId for the account with Amazon Cognito * @param identityPoolId The Amazon Cognito identity pool to use * @param unauthRoleArn The ARN of the IAM Role that will be assumed when * unauthenticated * @param authRoleArn The ARN of the IAM Role that will be assumed when * authenticated * @param region The region to use when contacting Cognito Identity * @param clientConfiguration Configuration to apply to service clients * created */ public CognitoCredentialsProvider(String accountId, String identityPoolId, String unauthRoleArn, String authRoleArn, Regions region, ClientConfiguration clientConfiguration) { this(accountId, identityPoolId, unauthRoleArn, authRoleArn, new AmazonCognitoIdentityClient(new AnonymousAWSCredentials(), clientConfiguration), (unauthRoleArn == null && authRoleArn == null) ? null : new AWSSecurityTokenServiceClient(new AnonymousAWSCredentials(), clientConfiguration)); this.cib.setRegion(Region.getRegion(region)); }
From source file:io.fineo.client.auth.CognitoCredentialsProvider.java
License:Open Source License
/** * Constructs a new CognitoCredentialsProvider, which will set up a link to * the provider passed in using the basic authentication flow to get get * short-lived credentials from STS, which can be retrieved from * {@link #getCredentials()}/*w ww . j av a 2 s.c o m*/ * <p> * This version of the constructor allows you to specify your own Identity * Provider class. * </p> * * @param provider a reference to the provider in question, including what's * needed to interact with it to later connect with STS * @param unauthArn the unauthArn, for use with the STS call * @param authArn the authArn, for use with the STS call */ public CognitoCredentialsProvider(AWSCognitoIdentityProvider provider, String unauthArn, String authArn) { this(provider, unauthArn, authArn, new AWSSecurityTokenServiceClient(new AnonymousAWSCredentials(), new ClientConfiguration())); }
From source file:org.apache.nifi.processors.aws.credentials.provider.factory.strategies.AssumeRoleCredentialsStrategy.java
License:Apache License
@Override public AWSCredentialsProvider getDerivedCredentialsProvider(Map<PropertyDescriptor, String> properties, AWSCredentialsProvider primaryCredentialsProvider) { final String assumeRoleArn = properties.get(ASSUME_ROLE_ARN); final String assumeRoleName = properties.get(ASSUME_ROLE_NAME); String rawMaxSessionTime = properties.get(MAX_SESSION_TIME); rawMaxSessionTime = (rawMaxSessionTime != null) ? rawMaxSessionTime : MAX_SESSION_TIME.getDefaultValue(); final Integer maxSessionTime = Integer.parseInt(rawMaxSessionTime.trim()); final String assumeRoleExternalId = properties.get(ASSUME_ROLE_EXTERNAL_ID); STSAssumeRoleSessionCredentialsProvider.Builder builder; ClientConfiguration config = new ClientConfiguration(); // If proxy variables are set, then create Client Configuration with those values if (proxyVariablesValidForAssumeRole(properties)) { final String assumeRoleProxyHost = properties.get(ASSUME_ROLE_PROXY_HOST); final Integer assumeRoleProxyPort = Integer.parseInt(properties.get(ASSUME_ROLE_PROXY_PORT)); config.withProxyHost(assumeRoleProxyHost); config.withProxyPort(assumeRoleProxyPort); }//from w ww. j a v a2 s . c om AWSSecurityTokenService securityTokenService = new AWSSecurityTokenServiceClient(primaryCredentialsProvider, config); builder = new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, assumeRoleName) .withStsClient(securityTokenService).withRoleSessionDurationSeconds(maxSessionTime); if (assumeRoleExternalId != null && !assumeRoleExternalId.isEmpty()) { builder = builder.withExternalId(assumeRoleExternalId); } final AWSCredentialsProvider credsProvider = builder.build(); return credsProvider; }