Learn R
aws.iam (version 0.1.7)

get_session_token: Temporary Session Tokens

Description

Get a temporary credentials (i.e., a Session Token)

Usage

get_session_token(duration = 900, id, code, use = FALSE, ...)
get_federation_token(duration = 900, name, policy, use = FALSE, ...)
get_caller_identity(...)
assume_role(role, session, duration = 900, id, code, externalid, policy,
  use = FALSE, ...)
delete_saved_credentials()
restore_credentials()

Arguments

duration

A numeric value specifying a duration that the credentials should be valid, in seconds, between 900 and 129600.

id

Optionally, the serial number or Amazon Resource Number for a multi-factor authentication (MFA) device.

code

If id is specified, the value provided by the MFA device.

use

A logical (default FALSE), specifying whether to use these credentials for subsequent requests. If TRUE, any currently used credentials are stored in a package environment (if no credentials are already stored; in that case, the request will fail) and the requested tokens overwrite them in the relevant environment variables. restore_credentials() can then be used to reset environment variables based on those from the saved environment; delete_saved_credentials() deletes the credentials without restoring them.

Additional arguments passed to stsHTTP.

name

The name of the federated user.

policy

A character string specifying a JSON-formatted role policy. For assume_role, if role is an object of class “iam_role”, this will be inferred automatically.

role

A character string containing a role ARN or an object of class “iam_role”.

session

A character string specifying the name of the temporary session.

externalid

A unique identifier that is used by third parties when assuming roles in their customers' accounts.

Value

A list.

Details

get_caller_identity returns the account ID and ARN for the currently credentialled user; this can be used to confirm that an assumed role has indeed been assumed. get_session_token and get_federation_token generate and return temporary credentials. Details about the underlying behavior of the various API endpoints can be found at Requesting Temporary Security Credentials.

References

API Reference: GetCallerIdentity API Reference: GetSessionToken API Reference: GetFederationToken API Reference: AssumeRole API Reference: AssumeRoleWithSAML API Reference: AssumeRoleWithWebIdentity

Examples

Run this code

get_caller_identity() # check current identity
get_session_token() # get token but do not use

x <- get_session_token(use = TRUE) # use temp token
get_caller_identity() # check that token is in use

restore_credentials() # return to original credentials
get_caller_identity() # check identity, again

Run the code above in your browser using DataLab