// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. package sts_test import ( "fmt" "strings" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/sts" ) var _ time.Duration var _ strings.Reader var _ aws.Config func parseTime(layout, value string) *time.Time { t, err := time.Parse(layout, value) if err != nil { panic(err) } return &t } // To assume a role // func ExampleSTS_AssumeRole_shared00() { svc := sts.New(session.New()) input := &sts.AssumeRoleInput{ DurationSeconds: aws.Int64(3600), ExternalId: aws.String("123ABC"), Policy: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}"), RoleArn: aws.String("arn:aws:iam::123456789012:role/demo"), RoleSessionName: aws.String("Bob"), } result, err := svc.AssumeRole(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case sts.ErrCodeMalformedPolicyDocumentException: fmt.Println(sts.ErrCodeMalformedPolicyDocumentException, aerr.Error()) case sts.ErrCodePackedPolicyTooLargeException: fmt.Println(sts.ErrCodePackedPolicyTooLargeException, aerr.Error()) case sts.ErrCodeRegionDisabledException: fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To assume a role as an OpenID Connect-federated user // func ExampleSTS_AssumeRoleWithWebIdentity_shared00() { svc := sts.New(session.New()) input := &sts.AssumeRoleWithWebIdentityInput{ DurationSeconds: aws.Int64(3600), ProviderId: aws.String("www.amazon.com"), RoleArn: aws.String("arn:aws:iam::123456789012:role/FederatedWebIdentityRole"), RoleSessionName: aws.String("app1"), WebIdentityToken: aws.String("Atza%7CIQEBLjAsAhRFiXuWpUXuRvQ9PZL3GMFcYevydwIUFAHZwXZXXXXXXXXJnrulxKDHwy87oGKPznh0D6bEQZTSCzyoCtL_8S07pLpr0zMbn6w1lfVZKNTBdDansFBmtGnIsIapjI6xKR02Yc_2bQ8LZbUXSGm6Ry6_BG7PrtLZtj_dfCTj92xNGed-CrKqjG7nPBjNIL016GGvuS5gSvPRUxWES3VYfm1wl7WTI7jn-Pcb6M-buCgHhFOzTQxod27L9CqnOLio7N3gZAGpsp6n1-AJBOCJckcyXe2c6uD0srOJeZlKUm2eTDVMf8IehDVI0r1QOnTV6KzzAI3OY87Vd_cVMQ"), } result, err := svc.AssumeRoleWithWebIdentity(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case sts.ErrCodeMalformedPolicyDocumentException: fmt.Println(sts.ErrCodeMalformedPolicyDocumentException, aerr.Error()) case sts.ErrCodePackedPolicyTooLargeException: fmt.Println(sts.ErrCodePackedPolicyTooLargeException, aerr.Error()) case sts.ErrCodeIDPRejectedClaimException: fmt.Println(sts.ErrCodeIDPRejectedClaimException, aerr.Error()) case sts.ErrCodeIDPCommunicationErrorException: fmt.Println(sts.ErrCodeIDPCommunicationErrorException, aerr.Error()) case sts.ErrCodeInvalidIdentityTokenException: fmt.Println(sts.ErrCodeInvalidIdentityTokenException, aerr.Error()) case sts.ErrCodeExpiredTokenException: fmt.Println(sts.ErrCodeExpiredTokenException, aerr.Error()) case sts.ErrCodeRegionDisabledException: fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To decode information about an authorization status of a request // func ExampleSTS_DecodeAuthorizationMessage_shared00() { svc := sts.New(session.New()) input := &sts.DecodeAuthorizationMessageInput{ EncodedMessage: aws.String(""), } result, err := svc.DecodeAuthorizationMessage(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case sts.ErrCodeInvalidAuthorizationMessageException: fmt.Println(sts.ErrCodeInvalidAuthorizationMessageException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To get details about a calling IAM user // // This example shows a request and response made with the credentials for a user named // Alice in the AWS account 123456789012. func ExampleSTS_GetCallerIdentity_shared00() { svc := sts.New(session.New()) input := &sts.GetCallerIdentityInput{} result, err := svc.GetCallerIdentity(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To get details about a calling user federated with AssumeRole // // This example shows a request and response made with temporary credentials created // by AssumeRole. The name of the assumed role is my-role-name, and the RoleSessionName // is set to my-role-session-name. func ExampleSTS_GetCallerIdentity_shared01() { svc := sts.New(session.New()) input := &sts.GetCallerIdentityInput{} result, err := svc.GetCallerIdentity(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To get details about a calling user federated with GetFederationToken // // This example shows a request and response made with temporary credentials created // by using GetFederationToken. The Name parameter is set to my-federated-user-name. func ExampleSTS_GetCallerIdentity_shared02() { svc := sts.New(session.New()) input := &sts.GetCallerIdentityInput{} result, err := svc.GetCallerIdentity(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To get temporary credentials for a role by using GetFederationToken // func ExampleSTS_GetFederationToken_shared00() { svc := sts.New(session.New()) input := &sts.GetFederationTokenInput{ DurationSeconds: aws.Int64(3600), Name: aws.String("Bob"), Policy: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}"), } result, err := svc.GetFederationToken(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case sts.ErrCodeMalformedPolicyDocumentException: fmt.Println(sts.ErrCodeMalformedPolicyDocumentException, aerr.Error()) case sts.ErrCodePackedPolicyTooLargeException: fmt.Println(sts.ErrCodePackedPolicyTooLargeException, aerr.Error()) case sts.ErrCodeRegionDisabledException: fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) } // To get temporary credentials for an IAM user or an AWS account // func ExampleSTS_GetSessionToken_shared00() { svc := sts.New(session.New()) input := &sts.GetSessionTokenInput{ DurationSeconds: aws.Int64(3600), SerialNumber: aws.String("YourMFASerialNumber"), TokenCode: aws.String("123456"), } result, err := svc.GetSessionToken(input) if err != nil { if aerr, ok := err.(awserr.Error); ok { switch aerr.Code() { case sts.ErrCodeRegionDisabledException: fmt.Println(sts.ErrCodeRegionDisabledException, aerr.Error()) default: fmt.Println(aerr.Error()) } } else { // Print the error, cast err to awserr.Error to get the Code and // Message from an error. fmt.Println(err.Error()) } return } fmt.Println(result) }