Example usage for com.amazonaws.services.securitytoken.model.AssumeRoleWithSAMLResult.getAssumedRoleUser()

Introduction

This page shows example usage of com.amazonaws.services.securitytoken.model.AssumeRoleWithSAMLResult.getAssumedRoleUser().

Prototype


public AssumedRoleUser getAssumedRoleUser() 

Document

The identifiers for the temporary security credentials that the operation returns.

Usage

From source file: com.okta.tools.awscli.java

License: Open Source License

public static void main(String[] args) throws Exception {
    awsSetup();
    extractCredentials(args);

    // Part 1: Initiate the authentication and capture the SAML assertion.
    CloseableHttpClient httpClient = null;
    String resultSAML = "";
    try {

        String strOktaSessionToken = oktaAuthntication();
        if (!strOktaSessionToken.isEmpty()) {
            // Part 2: Exchange the Okta session token for a SAML assertion.
            resultSAML = awsSamlHandler(strOktaSessionToken);
        }
    } catch (MalformedURLException e) {
        e.printStackTrace();
    } catch (UnknownHostException e) {
        logger.error(
                "\nUnable to establish a connection with AWS. \nPlease verify that your OKTA_AWS_APP_URL parameter is correct and try again");
        System.exit(1); // non-zero exit status so callers can detect the failure
    } catch (ClientProtocolException e) {
        logger.error("\nNo Org found, please specify an OKTA_ORG parameter in your config.properties file");
        System.exit(1); // non-zero exit status so callers can detect the failure
    } catch (IOException e) {
        e.printStackTrace();
    }

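    // Part 3: Assume an AWS role using the SAML Assertion from Okta
    // Stop here if authentication or the SAML exchange failed above, rather
    // than sending an empty assertion to STS.
    if (resultSAML.isEmpty()) {
        logger.error("\nNo SAML assertion was obtained from Okta, so no AWS role can be assumed");
        System.exit(1);
    }
    AssumeRoleWithSAMLResult assumeResult = assumeAWSRole(resultSAML);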

    com.amazonaws.services.securitytoken.model.AssumedRoleUser aru = assumeResult.getAssumedRoleUser();
    String arn = aru.getArn();
    //String roleid = aru.getAssumedRoleId();

    // Part 4: Write the credentials to ~/.aws/credentials
    String profileName = setAWSCredentials(assumeResult, arn);

    // Part 5: Get the final role to assume and update the config file to add it to the user's profile
    GetRoleToAssume(crossAccountRoleName);
    logger.trace("Role to assume ARN: " + roleToAssume);
    UpdateConfigFile(profileName, roleToAssume);

    // Print Final message
    resultMessage(profileName);
}