Difference between revisions of "Aws sts get-caller-identity"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
 
(13 intermediate revisions by the same user not shown)
Line 4: Line 4:
 
* https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-caller-identity.html
 
* https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-caller-identity.html
  
== Command ==
+
== Commands ==
 
* <code>[[aws sts]] get-caller-identity</code>
 
* <code>[[aws sts]] get-caller-identity</code>
 
* <code>aws sts get-caller-identity --profile XXXXX</code>
 
* <code>aws sts get-caller-identity --profile XXXXX</code>
* [[ACCOUNT_ID]]=$(aws sts get-caller-identity --output text --query 'Account')
+
* <code>aws sts get-caller-identity --output text --query 'Account'</code>
 +
* <code>[[ACCOUNT_ID]]=$(aws sts get-caller-identity --output text --query 'Account')</code>
 +
 
 +
 
 +
* <code>[[aws sts]] get-caller-identity && [[aws iam list-account-aliases]]</code>
  
 
== Examples ==
 
== Examples ==
Line 13: Line 17:
 
  {
 
  {
 
     "UserId": "ZIDBZCTGOUKVXXFNQ5Q3F",
 
     "UserId": "ZIDBZCTGOUKVXXFNQ5Q3F",
     "[[Account]]": "09876543212",
+
     "[[AWS accounts|Account]]": "09876543212",
 
     "Arn": "arn:aws:iam::09876543212:user/your_user"
 
     "Arn": "arn:aws:iam::09876543212:user/your_user"
 
  }
 
  }
Line 20: Line 24:
 
     "UserId": "AROASTNMATSFIGC3RFZFC:martin.oscar",
 
     "UserId": "AROASTNMATSFIGC3RFZFC:martin.oscar",
 
     "Account": "09876543212",
 
     "Account": "09876543212",
     "Arn": "arn:aws:sts::09876543212:[[assumed-role]]/AWSReservedSSO_AdministratorAccess_111111111/your-username"
+
     "Arn": "arn:aws:sts::09876543212:[[assumed-role]]/[[AWSReservedSSO_AdministratorAccess]]_111111111/your-username"
 
  }
 
  }
  
Line 33: Line 37:
  
 
* <code>[[error: You must be logged in to the server (Unauthorized)]]</code>
 
* <code>[[error: You must be logged in to the server (Unauthorized)]]</code>
 +
 +
[[data.aws_caller_identity.current]]
 +
Traceback (most recent call last):
 +
  File "/usr/local/bin/aws", line 19, in <module>
 +
    import awscli.clidriver
 +
  File "/usr/local/lib/python3.6/site-packages/awscli/clidriver.py", line 17, in <module>
 +
    import botocore.session
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/session.py", line 29, in <module>
 +
    import botocore.credentials
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/credentials.py", line 35, in <module>
 +
    from botocore.config import Config
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/config.py", line 16, in <module>
 +
    from botocore.endpoint import DEFAULT_TIMEOUT, MAX_POOL_CONNECTIONS
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 24, in <module>
 +
    from botocore.awsrequest import create_request_object
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/awsrequest.py", line 24, in <module>
 +
    import botocore.utils
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/utils.py", line 32, in <module>
 +
    import botocore.httpsession
 +
  File "/usr/local/lib/python3.6/site-packages/botocore/httpsession.py", line 10, in <module>
 +
    from urllib3.util.ssl_ import (
 +
[[ImportError]]: cannot import name '[[PROTOCOL_TLS]]'
  
 
== Related ==
 
== Related ==
 
* <code>[[AWS PROFILE]]</code>
 
* <code>[[AWS PROFILE]]</code>
 +
* <code>[[aws organizations describe-organization]]</code>
 +
* <code>[[aws iam list-attached-user-policies]]</code>
 
* <code>[[aws iam get-account-summary]]</code>
 
* <code>[[aws iam get-account-summary]]</code>
 
* <code>[[aws iam list-account-aliases]]</code>
 
* <code>[[aws iam list-account-aliases]]</code>
Line 41: Line 69:
 
* <code>[[aws sts get-session-token]]</code>
 
* <code>[[aws sts get-session-token]]</code>
 
* <code>[[aws iam get-user]]</code>
 
* <code>[[aws iam get-user]]</code>
[[aws ssm get-instance-profile]]
+
* <code>[[aws ssm get-instance-profile]]</code>
 
* [[An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied]]
 
* [[An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied]]
 
* <code>[[aws eks get-token]]</code>
 
* <code>[[aws eks get-token]]</code>
[[sts:AssumeRole]]
+
* <code>[[sts:AssumeRole]]</code>
[[sts:GetCallerIdentity]]
+
* <code>[[sts:GetCallerIdentity]]</code>
 +
* [[AWS switching to a role]]
 +
* [[AWS info]]
 +
* [[Creating or updating a kubeconfig file for an Amazon EKS cluster]]
  
 
== See also ==
 
== See also ==

Latest revision as of 05:09, 12 February 2024

aws sts get-caller-identity command outputs three pieces of information including the ARN.

Commands[edit]

  • aws sts get-caller-identity
  • aws sts get-caller-identity --profile XXXXX
  • aws sts get-caller-identity --output text --query 'Account'
  • ACCOUNT_ID=$(aws sts get-caller-identity --output text --query 'Account')


Examples[edit]

aws sts get-caller-identity
{
    "UserId": "ZIDBZCTGOUKVXXFNQ5Q3F",
    "Account": "09876543212",
    "Arn": "arn:aws:iam::09876543212:user/your_user"
}
{
    "UserId": "AROASTNMATSFIGC3RFZFC:martin.oscar",
    "Account": "09876543212",
    "Arn": "arn:aws:sts::09876543212:assumed-role/AWSReservedSSO_AdministratorAccess_111111111/your-username"
}

Errors[edit]

aws sts get-caller-identity
Unable to locate credentials. You can configure credentials by running "aws configure".
aws sts get-caller-identity
An error ocurred (InvalidClientTokenId) when calling the GetCallerIdentity operation: The security token included in the request is invalid
data.aws_caller_identity.current
data.aws_caller_identity.current
Traceback (most recent call last):
 File "/usr/local/bin/aws", line 19, in <module>
   import awscli.clidriver
 File "/usr/local/lib/python3.6/site-packages/awscli/clidriver.py", line 17, in <module>
   import botocore.session
 File "/usr/local/lib/python3.6/site-packages/botocore/session.py", line 29, in <module>
   import botocore.credentials
 File "/usr/local/lib/python3.6/site-packages/botocore/credentials.py", line 35, in <module>
   from botocore.config import Config
 File "/usr/local/lib/python3.6/site-packages/botocore/config.py", line 16, in <module>
   from botocore.endpoint import DEFAULT_TIMEOUT, MAX_POOL_CONNECTIONS
 File "/usr/local/lib/python3.6/site-packages/botocore/endpoint.py", line 24, in <module>
   from botocore.awsrequest import create_request_object
 File "/usr/local/lib/python3.6/site-packages/botocore/awsrequest.py", line 24, in <module>
   import botocore.utils
 File "/usr/local/lib/python3.6/site-packages/botocore/utils.py", line 32, in <module>
   import botocore.httpsession
 File "/usr/local/lib/python3.6/site-packages/botocore/httpsession.py", line 10, in <module>
   from urllib3.util.ssl_ import (
ImportError: cannot import name 'PROTOCOL_TLS'

Related[edit]

See also[edit]

Advertising: