public AssumedRole(AssumedRoleUser assumedRoleUser) { this.Path = "/"; this.Arn = assumedRoleUser.Arn; this.CreateDate = DateTime.Now; this.RoleId = assumedRoleUser.AssumedRoleId; this.RoleName = assumedRoleUser.Arn.Split('/')[1]; }
public void SecurityTokenServiceAssumeRole() { #region to-assume-a-role-1480532402212 var response = client.AssumeRole(new AssumeRoleRequest { DurationSeconds = 3600, ExternalId = "123ABC", Policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}", RoleArn = "arn:aws:iam::123456789012:role/demo", RoleSessionName = "Bob" }); AssumedRoleUser assumedRoleUser = response.AssumedRoleUser; Credentials credentials = response.Credentials; integer packedPolicySize = response.PackedPolicySize; #endregion }
public async Task AssumeRoleAsyncTest() { // Create the mock client object var mockClient = new Mock <AmazonSecurityTokenServiceClient>(REGION); mockClient.Setup(client => client.AssumeRoleAsync( It.IsAny <AssumeRoleRequest>(), It.IsAny <CancellationToken>())) .Returns((AssumeRoleRequest r, CancellationToken token) => { var roleUser = new AssumedRoleUser() { Arn = roleArnToAssume, }; return(Task.FromResult(new AssumeRoleResponse() { AssumedRoleUser = roleUser, HttpStatusCode = HttpStatusCode.OK, })); }); var client = mockClient.Object; var assumeRoleReq = new AssumeRoleRequest() { DurationSeconds = 1600, RoleSessionName = "Session1", RoleArn = roleArnToAssume }; var response = await client.AssumeRoleAsync(assumeRoleReq); Assert.True(response.AssumedRoleUser.Arn == roleArnToAssume, "Successfully call to assume role."); bool ok = response.HttpStatusCode == HttpStatusCode.OK; Assert.True(ok, $"Successfully retrieved caller Identity."); }
public void SecurityTokenServiceAssumeRoleWithWebIdentity() { #region to-assume-a-role-as-an-openid-connect-federated-user-1480533445696 var response = client.AssumeRoleWithWebIdentity(new AssumeRoleWithWebIdentityRequest { DurationSeconds = 3600, ProviderId = "www.amazon.com", RoleArn = "arn:aws:iam::123456789012:role/FederatedWebIdentityRole", RoleSessionName = "app1", WebIdentityToken = "Atza%7CIQEBLjAsAhRFiXuWpUXuRvQ9PZL3GMFcYevydwIUFAHZwXZXXXXXXXXJnrulxKDHwy87oGKPznh0D6bEQZTSCzyoCtL_8S07pLpr0zMbn6w1lfVZKNTBdDansFBmtGnIsIapjI6xKR02Yc_2bQ8LZbUXSGm6Ry6_BG7PrtLZtj_dfCTj92xNGed-CrKqjG7nPBjNIL016GGvuS5gSvPRUxWES3VYfm1wl7WTI7jn-Pcb6M-buCgHhFOzTQxod27L9CqnOLio7N3gZAGpsp6n1-AJBOCJckcyXe2c6uD0srOJeZlKUm2eTDVMf8IehDVI0r1QOnTV6KzzAI3OY87Vd_cVMQ" }); AssumedRoleUser assumedRoleUser = response.AssumedRoleUser; string audience = response.Audience; Credentials credentials = response.Credentials; integer packedPolicySize = response.PackedPolicySize; string provider = response.Provider; string subjectFromWebIdentityToken = response.SubjectFromWebIdentityToken; #endregion }
public void SecurityTokenServiceAssumeRoleWithSAML() { #region to-assume-role-with-saml-14882749597814 var response = client.AssumeRoleWithSAML(new AssumeRoleWithSAMLRequest { DurationSeconds = 3600, PrincipalArn = "arn:aws:iam::123456789012:saml-provider/SAML-test", RoleArn = "arn:aws:iam::123456789012:role/TestSaml", SAMLAssertion = "VERYLONGENCODEDASSERTIONEXAMPLExzYW1sOkF1ZGllbmNlPmJsYW5rPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ij5TYW1sRXhhbXBsZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxOS0xMS0wMVQyMDoyNTowNS4xNDVaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2lnbmluLmF3cy5hbWF6b24uY29tL3NhbWwiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRoPD94bWwgdmpSZXNwb25zZT4=" }); AssumedRoleUser assumedRoleUser = response.AssumedRoleUser; string audience = response.Audience; Credentials credentials = response.Credentials; string issuer = response.Issuer; string nameQualifier = response.NameQualifier; int packedPolicySize = response.PackedPolicySize; string subject = response.Subject; string subjectType = response.SubjectType; #endregion }
public void SecurityTokenServiceAssumeRole() { #region to-assume-a-role-1480532402212 var client = new AmazonSecurityTokenServiceClient(); var response = client.AssumeRole(new AssumeRoleRequest { ExternalId = "123ABC", Policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:ListAllMyBuckets\",\"Resource\":\"*\"}]}", RoleArn = "arn:aws:iam::123456789012:role/demo", RoleSessionName = "testAssumeRoleSession", Tags = new List <Tag> { new Tag { Key = "Project", Value = "Unicorn" }, new Tag { Key = "Team", Value = "Automation" }, new Tag { Key = "Cost-Center", Value = "12345" } }, TransitiveTagKeys = new List <string> { "Project", "Cost-Center" } }); AssumedRoleUser assumedRoleUser = response.AssumedRoleUser; Credentials credentials = response.Credentials; int packedPolicySize = response.PackedPolicySize; #endregion }