Difference between revisions of "Aws sts assume-role"
Jump to navigation
Jump to search
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{lc}} | {{lc}} | ||
− | <code>[[aws sts]] assume-role</code> ([https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/assume-role.html doc], [https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html API ref]) | + | <code>[[aws sts]] assume-role</code> ([https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/assume-role.html doc], [https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html API ref]) Returns a set of [[temporary security credentials]] that you can use to access Amazon Web Services resources. |
Line 20: | Line 20: | ||
* [[Maximum session duration]] | * [[Maximum session duration]] | ||
* <code>[[assumed-role/]]</code> | * <code>[[assumed-role/]]</code> | ||
− | * [[aws sts get-caller-identity]] | + | * <code>[[aws sts get-caller-identity]]</code> |
− | * [[aws iam get-role]] | + | * <code>[[aws iam get-role]]</code> |
== Activities == | == Activities == | ||
* [[Enhance programmatic access for IAM users using a YubiKey for multi-factor authentication]] | * [[Enhance programmatic access for IAM users using a YubiKey for multi-factor authentication]] | ||
+ | * [[Creating a role to delegate permissions to an IAM user]] | ||
== See also == | == See also == |
Latest revision as of 15:18, 3 January 2024
aws sts assume-role
(doc, API ref) Returns a set of temporary security credentials that you can use to access Amazon Web Services resources.
aws sts assume-role --role-arn your_role
aws sts assume-role --role-arn your_role --role-session-name XXXX
aws sts assume-role --role-arn your_role --role-session-name XXXX --serial-number yyyyy --token-code your-token
aws sts get-session-token --profile
--role-arn <value> --role-session-name <value> --duration-seconds <value> The maximum session duration setting can have a value from 1 hour to 12 hours --source-identity
Related[edit]
- AWS IAM role
aws iam enable-mfa-device
aws sts assume-role-with-saml
sts:AssumeRole
- Maximum session duration
assumed-role/
aws sts get-caller-identity
aws iam get-role
Activities[edit]
- Enhance programmatic access for IAM users using a YubiKey for multi-factor authentication
- Creating a role to delegate permissions to an IAM user
See also[edit]
aws sts assume-role
,assumed-role/, arn:aws:sts
- AWS STS
(sts:)
,aws sts
[get-session-token
|get-caller-identity
|assume-role | assume-role-with-web-identity | assume-role-with-saml | get-access-key-info ]
- AWS IAM role, AWS service roles, AWS IAM Roles Anywhere: [
list-roles | get-role | create-role | put-role-policy | create-service-linked-role | attach-role-policy | update-role | add-role-to-instance-profile ], aws ec2 describe-iam-instance-profile-associations ]
, IAM roles for EC2 instances,AWSServiceRoleForAutoScaling
Advertising: