File Coverage

blib/lib/Paws/STS/AssumeRole.pm
Criterion Covered Total %
statement 6 6 100.0
branch n/a
condition n/a
subroutine 2 2 100.0
pod n/a
total 8 8 100.0


line stmt bran cond sub pod time code
1              
2             package Paws::STS::AssumeRole;
3 1     1   572 use Moose;
  1         4  
  1         11  
4             has DurationSeconds => (is => 'ro', isa => 'Int');
5             has ExternalId => (is => 'ro', isa => 'Str');
6             has Policy => (is => 'ro', isa => 'Str');
7             has RoleArn => (is => 'ro', isa => 'Str', required => 1);
8             has RoleSessionName => (is => 'ro', isa => 'Str', required => 1);
9             has SerialNumber => (is => 'ro', isa => 'Str');
10             has TokenCode => (is => 'ro', isa => 'Str');
11              
12 1     1   7544 use MooseX::ClassAttribute;
  1         4  
  1         8  
13              
14             class_has _api_call => (isa => 'Str', is => 'ro', default => 'AssumeRole');
15             class_has _returns => (isa => 'Str', is => 'ro', default => 'Paws::STS::AssumeRoleResponse');
16             class_has _result_key => (isa => 'Str', is => 'ro', default => 'AssumeRoleResult');
17             1;
18              
19             ### main pod documentation begin ###
20              
21             =head1 NAME
22              
23             Paws::STS::AssumeRole - Arguments for method AssumeRole on Paws::STS
24              
25             =head1 DESCRIPTION
26              
27             This class represents the parameters used for calling the method AssumeRole on the
28             AWS Security Token Service service. Use the attributes of this class
29             as arguments to method AssumeRole.
30              
31             You shouldn't make instances of this class. Each attribute should be used as a named argument in the call to AssumeRole.
32              
33             As an example:
34              
35             $service_obj->AssumeRole(Att1 => $value1, Att2 => $value2, ...);
36              
37             Values for attributes that are native types (Int, String, Float, etc) can passed as-is (scalar values). Values for complex Types (objects) can be passed as a HashRef. The keys and values of the hashref will be used to instance the underlying object.
38              
39             =head1 ATTRIBUTES
40              
41              
42             =head2 DurationSeconds => Int
43              
44             The duration, in seconds, of the role session. The value can range from
45             900 seconds (15 minutes) to 3600 seconds (1 hour). By default, the
46             value is set to 3600 seconds.
47              
48             This is separate from the duration of a console session that you might
49             request using the returned credentials. The request to the federation
50             endpoint for a console sign-in token takes a C<SessionDuration>
51             parameter that specifies the maximum length of the console session,
52             separately from the C<DurationSeconds> parameter on this API. For more
53             information, see Creating a URL that Enables Federated Users to Access
54             the AWS Management Console in the I<IAM User Guide>.
55              
56              
57              
58             =head2 ExternalId => Str
59              
60             A unique identifier that is used by third parties when assuming roles
61             in their customers' accounts. For each role that the third party can
62             assume, they should instruct their customers to ensure the role's trust
63             policy checks for the external ID that the third party generated. Each
64             time the third party assumes the role, they should pass the customer's
65             external ID. The external ID is useful in order to help third parties
66             bind a role to the customer who created it. For more information about
67             the external ID, see How to Use an External ID When Granting Access to
68             Your AWS Resources to a Third Party in the I<IAM User Guide>.
69              
70             The regex used to validated this parameter is a string of characters
71             consisting of upper- and lower-case alphanumeric characters with no
72             spaces. You can also include underscores or any of the following
73             characters: =,.@:/-
74              
75              
76              
77             =head2 Policy => Str
78              
79             An IAM policy in JSON format.
80              
81             This parameter is optional. If you pass a policy, the temporary
82             security credentials that are returned by the operation have the
83             permissions that are allowed by both (the intersection of) the access
84             policy of the role that is being assumed, I<and> the policy that you
85             pass. This gives you a way to further restrict the permissions for the
86             resulting temporary security credentials. You cannot use the passed
87             policy to grant permissions that are in excess of those allowed by the
88             access policy of the role that is being assumed. For more information,
89             see Permissions for AssumeRole, AssumeRoleWithSAML, and
90             AssumeRoleWithWebIdentity in the I<IAM User Guide>.
91              
92             The format for this parameter, as described by its regex pattern, is a
93             string of characters up to 2048 characters in length. The characters
94             can be any ASCII character from the space character to the end of the
95             valid character list (\u0020-\u00FF). It can also include the tab
96             (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.
97              
98             The policy plain text must be 2048 bytes or shorter. However, an
99             internal conversion compresses it into a packed binary format with a
100             separate limit. The PackedPolicySize response element indicates by
101             percentage how close to the upper size limit the policy is, with 100%
102             equaling the maximum allowed size.
103              
104              
105              
106             =head2 B<REQUIRED> RoleArn => Str
107              
108             The Amazon Resource Name (ARN) of the role to assume.
109              
110              
111              
112             =head2 B<REQUIRED> RoleSessionName => Str
113              
114             An identifier for the assumed role session.
115              
116             Use the role session name to uniquely identify a session when the same
117             role is assumed by different principals or for different reasons. In
118             cross-account scenarios, the role session name is visible to, and can
119             be logged by the account that owns the role. The role session name is
120             also used in the ARN of the assumed role principal. This means that
121             subsequent cross-account API requests using the temporary security
122             credentials will expose the role session name to the external account
123             in their CloudTrail logs.
124              
125             The regex used to validate this parameter is a string of characters
126             consisting of upper- and lower-case alphanumeric characters with no
127             spaces. You can also include underscores or any of the following
128             characters: =,.@-
129              
130              
131              
132             =head2 SerialNumber => Str
133              
134             The identification number of the MFA device that is associated with the
135             user who is making the C<AssumeRole> call. Specify this value if the
136             trust policy of the role being assumed includes a condition that
137             requires MFA authentication. The value is either the serial number for
138             a hardware device (such as C<GAHT12345678>) or an Amazon Resource Name
139             (ARN) for a virtual device (such as
140             C<arn:aws:iam::123456789012:mfa/user>).
141              
142             The regex used to validate this parameter is a string of characters
143             consisting of upper- and lower-case alphanumeric characters with no
144             spaces. You can also include underscores or any of the following
145             characters: =,.@-
146              
147              
148              
149             =head2 TokenCode => Str
150              
151             The value provided by the MFA device, if the trust policy of the role
152             being assumed requires MFA (that is, if the policy includes a condition
153             that tests for MFA). If the role being assumed requires MFA and if the
154             C<TokenCode> value is missing or expired, the C<AssumeRole> call
155             returns an "access denied" error.
156              
157             The format for this parameter, as described by its regex pattern, is a
158             sequence of six numeric digits.
159              
160              
161              
162              
163             =head1 SEE ALSO
164              
165             This class forms part of L<Paws>, documenting arguments for method AssumeRole in L<Paws::STS>
166              
167             =head1 BUGS and CONTRIBUTIONS
168              
169             The source code is located here: https://github.com/pplu/aws-sdk-perl
170              
171             Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues
172              
173             =cut
174