/// <summary>
/// Checks that the manager returns a non-null endpoint for <c>EndpointName</c>
/// after <c>DefaultAuthSamlEndpoint</c> has been registered.
/// </summary>
public void GetEndpointExists()
{
    // Arrange: store the fixture endpoint (presumably named EndpointName; confirm against the fixture).
    manager.RegisterEndpoint(DefaultAuthSamlEndpoint);

    // Act: look the endpoint up by name.
    var registered = manager.GetEndpoint(EndpointName);

    // Assert: the lookup must yield an endpoint.
    Assert.IsNotNull(registered);
}
/// <summary>
/// Creates a FederatedAWSCredentials instance. Nothing is authenticated here; call
/// GetCredentials afterwards to authenticate the user/process and obtain temporary
/// AWS credentials.
/// </summary>
/// <param name="samlEndpoint">The SAML endpoint used for authentication. Must not be null.</param>
/// <param name="roleArn">The role ARN used for authentication. Must not be null or empty.</param>
/// <param name="options">The options used for authentication. Must not be null.
/// See <see cref="FederatedAWSCredentialsOptions"/> for details about available options.</param>
/// <exception cref="ArgumentException"><paramref name="roleArn"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException"><paramref name="options"/> or
/// <paramref name="samlEndpoint"/> is null.</exception>
public FederatedAWSCredentials(SAMLEndpoint samlEndpoint, string roleArn, FederatedAWSCredentialsOptions options)
{
    // Validation order is roleArn, options, samlEndpoint; the first failure decides the exception.
    if (string.IsNullOrEmpty(roleArn))
    {
        throw new ArgumentException("RoleArn must not be null or empty.");
    }

    if (options is null)
    {
        throw new ArgumentNullException(nameof(options));
    }
    Options = options;

    if (samlEndpoint is null)
    {
        throw new ArgumentNullException(nameof(samlEndpoint));
    }
    SAMLEndpoint = samlEndpoint;

    RoleArn = roleArn;

    // Start from the class default for how early credentials are treated as expiring.
    PreemptExpiryTime = DefaultPreemptExpiryTime;
}
/// <summary>
/// Registers a SAML endpoint, looks up (or creates and stores) the "example_profile"
/// credential profile in the default SDK credentials file, and returns the credentials
/// the factory builds for that profile.
/// </summary>
/// <remarks>
/// The profile written here carries only the endpoint name, the combined ARN string and a
/// region. A profile that already exists is used as stored: changed principal or role ARNs
/// are not written back to it by this method.
/// </remarks>
/// <returns>The credentials produced by AWSCredentialsFactory for the profile.</returns>
private AWSCredentials GetCredentials()
{
    const string profileName = "example_profile";
    const string endpointName = profileName + "_endpoint";

    // The "<adfs host>" part is a placeholder for the identity provider host. The sign-on
    // page is addressed over https.
    const string samlEndpointUrl = "https://<adfs host>/adfs/ls/IdpInitiatedSignOn.aspx?loginToRp=urn:amazon:webservices";

    // Build the SAML endpoint the profile refers to by name and register it.
    // Negotiate is the authentication type selected for this endpoint.
    var samlUri = new Uri(samlEndpointUrl);
    var samlEndpoint = new SAMLEndpoint(endpointName, samlUri, SAMLAuthenticationType.Negotiate);
    var manager = new SAMLEndpointManager();
    manager.RegisterEndpoint(samlEndpoint);

    // Default credential file; a targeted file could be used instead.
    var credentialsFile = new NetSDKCredentialsFile();

    CredentialProfile profile;
    bool alreadyStored = credentialsFile.TryGetProfile(profileName, out profile);
    if (!alreadyStored)
    {
        // RoleArn is not just the role ARN: it is a comma separated string made of the
        // principal ARN (the ARN of the identity provider) followed by the ARN of the role.
        // The AWS documentation only shows the role ARN, which makes this easy to miss.
        var combinedArn = principleArn + "," + roleArn;

        var options = new CredentialProfileOptions
        {
            EndpointName = endpointName,
            RoleArn = combinedArn
        };

        profile = new CredentialProfile(profileName, options)
        {
            Region = RegionEndpoint.USEast1
        };

        // Persist the new profile so later calls find it.
        credentialsFile.RegisterProfile(profile);
    }

    return AWSCredentialsFactory.GetAWSCredentials(profile, credentialsFile);
}
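/// <summary>
/// Registers a SAML endpoint under the name in StoreAs and writes that name to the pipeline.
/// </summary>
/// <remarks>
/// When the AuthenticationType parameter was bound, its text is parsed (ignoring case) into
/// <see cref="SAMLAuthenticationType"/> and must resolve to a defined member. Enum.Parse on
/// its own also accepts numeric text, which can yield a value that names no authentication
/// type; such input is rejected here instead of being stored with the endpoint.
/// When the parameter was not bound, the endpoint is built without an explicit type.
/// </remarks>
/// <exception cref="ArgumentException">AuthenticationType does not resolve to a defined
/// <see cref="SAMLAuthenticationType"/> member.</exception>
protected override void ProcessRecord()
{
    base.ProcessRecord();

    var samlEndpointManager = new SAMLEndpointManager();
    SAMLEndpoint samlEndpoint;

    if (ParameterWasBound("AuthenticationType"))
    {
        // ignoreCase: true so that the spelling of the member name does not depend on casing.
        var authenticationType = (SAMLAuthenticationType)Enum.Parse(
            typeof(SAMLAuthenticationType), AuthenticationType, true);

        // Numeric text parses successfully even when no member has that value; refuse it.
        if (!Enum.IsDefined(typeof(SAMLAuthenticationType), authenticationType))
        {
            throw new ArgumentException(
                "AuthenticationType '" + AuthenticationType + "' is not a defined SAML authentication type.",
                "AuthenticationType");
        }

        samlEndpoint = new SAMLEndpoint(StoreAs, Endpoint, authenticationType);
    }
    else
    {
        samlEndpoint = new SAMLEndpoint(StoreAs, Endpoint);
    }

    samlEndpointManager.RegisterEndpoint(samlEndpoint);

    // Emit the stored name so callers can refer to the endpoint later.
    WriteObject(StoreAs);
}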
/// <summary>
/// Creates a FederatedAWSCredentials instance with a default-constructed
/// <see cref="FederatedAWSCredentialsOptions"/>. Nothing is authenticated here; call
/// GetCredentials afterwards to authenticate the user/process and obtain temporary
/// AWS credentials.
/// </summary>
/// <param name="samlEndpoint">The SAML endpoint used for authentication.</param>
/// <param name="roleArn">The role ARN used for authentication.</param>
public FederatedAWSCredentials(SAMLEndpoint samlEndpoint, string roleArn)
    : this(samlEndpoint, roleArn, new FederatedAWSCredentialsOptions())
{
    // All validation and initialization happen in the three-argument constructor.
}