Sha256: cca7bf1079bbec3b930e43b922213794fd344fbefb73f87deb897870ba2c9161
Contents?: true
Size: 1.97 KB
Versions: 82
Compression:
Stored size: 1.97 KB
Contents
module Fog
module AWS
class STS
class Real
require 'fog/aws/parsers/sts/assume_role_with_saml'
# Assume Role with SAML
#
# ==== Parameters
# * role_arn<~String> - The ARN of the role the caller is assuming.
# * principal_arn<~String> - The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
# * saml_assertion<~String> - The base-64 encoded SAML authentication response provided by the IdP.
# * policy<~String> - An optional JSON policy document
# * duration<~Integer> - Duration (of seconds) for the assumed role credentials to be valid (default 3600)
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'Arn'<~String>: The ARN of the assumed role/user
# * 'AccessKeyId'<~String>: The AWS access key of the temporary credentials for the assumed role
# * 'SecretAccessKey'<~String>: The AWS secret key of the temporary credentials for the assumed role
# * 'SessionToken'<~String>: The AWS session token of the temporary credentials for the assumed role
# * 'Expiration'<~Time>: The expiration time of the temporary credentials for the assumed role
#
# ==== See Also
# http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html
#
def assume_role_with_saml(role_arn, principal_arn, saml_assertion, policy=nil, duration=3600)
request_unsigned({
'Action' => 'AssumeRoleWithSAML',
'RoleArn' => role_arn,
'PrincipalArn' => principal_arn,
'SAMLAssertion' => saml_assertion,
'Policy' => policy && Fog::JSON.encode(policy),
'DurationSeconds' => duration,
:idempotent => true,
:parser => Fog::Parsers::AWS::STS::AssumeRoleWithSAML.new
})
end
end
end
end
end
Version data entries
82 entries across 80 versions & 4 rubygems