com.amazonaws.services.securitytoken.model.GetFederationTokenRequest Maven / Gradle / Ivy
Show all versions of aws-java-sdk-sts Show documentation
/*
* Copyright 2014-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.securitytoken.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.AmazonWebServiceRequest;
/**
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class GetFederationTokenRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {
/**
*
* The name of the federated user. The name is used as an identifier for the temporary security credentials (such as
* Bob
). For example, you can reference the federated user name in a resource-based policy, such as in
* an Amazon S3 bucket policy.
*
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@-
*
*/
private String name;
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048 characters. The
* JSON policy characters can be any ASCII character from the space character to the end of the valid character list
* ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*/
private String policy;
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session policy.
* The policies must exist in the same account as the IAM user that is requesting federated access.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies. The plain text that you use for both inline
* and managed session policies shouldn't exceed 2048 characters. You can provide up to 10 managed policy ARNs. For
* more information about ARNs, see Amazon Resource Names
* (ARNs) and AWS Service Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*/
private java.util.List policyArns;
/**
*
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from
* 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions
* obtained using AWS account root user credentials are restricted to a maximum of 3,600 seconds (one hour). If the
* specified duration is longer than one hour, the session obtained by using root user credentials defaults to one
* hour.
*
*/
private Integer durationSeconds;
/**
* Default constructor for GetFederationTokenRequest object. Callers should use the setter or fluent setter
* (with...) methods to initialize the object after creating it.
*/
public GetFederationTokenRequest() {
}
/**
* Constructs a new GetFederationTokenRequest object. Callers should use the setter or fluent setter (with...)
* methods to initialize any additional object members.
*
* @param name
* The name of the federated user. The name is used as an identifier for the temporary security credentials
* (such as Bob
). For example, you can reference the federated user name in a resource-based
* policy, such as in an Amazon S3 bucket policy.
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following
* characters: =,.@-
*/
public GetFederationTokenRequest(String name) {
setName(name);
}
/**
*
* The name of the federated user. The name is used as an identifier for the temporary security credentials (such as
* Bob
). For example, you can reference the federated user name in a resource-based policy, such as in
* an Amazon S3 bucket policy.
*
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@-
*
*
* @param name
* The name of the federated user. The name is used as an identifier for the temporary security credentials
* (such as Bob
). For example, you can reference the federated user name in a resource-based
* policy, such as in an Amazon S3 bucket policy.
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following
* characters: =,.@-
*/
public void setName(String name) {
this.name = name;
}
/**
*
* The name of the federated user. The name is used as an identifier for the temporary security credentials (such as
* Bob
). For example, you can reference the federated user name in a resource-based policy, such as in
* an Amazon S3 bucket policy.
*
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@-
*
*
* @return The name of the federated user. The name is used as an identifier for the temporary security credentials
* (such as Bob
). For example, you can reference the federated user name in a resource-based
* policy, such as in an Amazon S3 bucket policy.
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following
* characters: =,.@-
*/
public String getName() {
return this.name;
}
/**
*
* The name of the federated user. The name is used as an identifier for the temporary security credentials (such as
* Bob
). For example, you can reference the federated user name in a resource-based policy, such as in
* an Amazon S3 bucket policy.
*
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@-
*
*
* @param name
* The name of the federated user. The name is used as an identifier for the temporary security credentials
* (such as Bob
). For example, you can reference the federated user name in a resource-based
* policy, such as in an Amazon S3 bucket policy.
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following
* characters: =,.@-
* @return Returns a reference to this object so that method calls can be chained together.
*/
public GetFederationTokenRequest withName(String name) {
setName(name);
return this;
}
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048 characters. The
* JSON policy characters can be any ASCII character from the space character to the end of the valid character list
* ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* @param policy
* An IAM policy in JSON format that you want to use as an inline session policy.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated
* user session has no permissions. The only exception is when the credentials are used to access a resource
* that has a resource-based policy that specifically references the federated user session in the
* Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048 characters.
* The JSON policy characters can be any ASCII character from the space character to the end of the valid
* character list ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( )
* characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit. This
* is the enforced limit. The PackedPolicySize
response element indicates by percentage how
* close the policy is to the upper size limit.
*
*/
public void setPolicy(String policy) {
this.policy = policy;
}
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048 characters. The
* JSON policy characters can be any ASCII character from the space character to the end of the valid character list
* ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* @return An IAM policy in JSON format that you want to use as an inline session policy.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting
* federated user session has no permissions. The only exception is when the credentials are used to access
* a resource that has a resource-based policy that specifically references the federated user session in
* the Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048
* characters. The JSON policy characters can be any ASCII character from the space character to the end of
* the valid character list ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage
* return ( ) characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit.
* This is the enforced limit. The PackedPolicySize
response element indicates by percentage
* how close the policy is to the upper size limit.
*
*/
public String getPolicy() {
return this.policy;
}
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048 characters. The
* JSON policy characters can be any ASCII character from the space character to the end of the valid character list
* ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* @param policy
* An IAM policy in JSON format that you want to use as an inline session policy.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated
* user session has no permissions. The only exception is when the credentials are used to access a resource
* that has a resource-based policy that specifically references the federated user session in the
* Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plain text that you use for both inline and managed session policies shouldn't exceed 2048 characters.
* The JSON policy characters can be any ASCII character from the space character to the end of the valid
* character list ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( )
* characters.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit. This
* is the enforced limit. The PackedPolicySize
response element indicates by percentage how
* close the policy is to the upper size limit.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public GetFederationTokenRequest withPolicy(String policy) {
setPolicy(policy);
return this;
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session policy.
* The policies must exist in the same account as the IAM user that is requesting federated access.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies. The plain text that you use for both inline
* and managed session policies shouldn't exceed 2048 characters. You can provide up to 10 managed policy ARNs. For
* more information about ARNs, see Amazon Resource Names
* (ARNs) and AWS Service Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* @return The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session
* policy. The policies must exist in the same account as the IAM user that is requesting federated
* access.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies. The plain text
* that you use for both inline and managed session policies shouldn't exceed 2048 characters. You can
* provide up to 10 managed policy ARNs. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
* Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting
* federated user session has no permissions. The only exception is when the credentials are used to access
* a resource that has a resource-based policy that specifically references the federated user session in
* the Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit.
* This is the enforced limit. The PackedPolicySize
response element indicates by percentage
* how close the policy is to the upper size limit.
*
*/
public java.util.List getPolicyArns() {
return policyArns;
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session policy.
* The policies must exist in the same account as the IAM user that is requesting federated access.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies. The plain text that you use for both inline
* and managed session policies shouldn't exceed 2048 characters. You can provide up to 10 managed policy ARNs. For
* more information about ARNs, see Amazon Resource Names
* (ARNs) and AWS Service Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* @param policyArns
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session
* policy. The policies must exist in the same account as the IAM user that is requesting federated
* access.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies. The plain text
* that you use for both inline and managed session policies shouldn't exceed 2048 characters. You can
* provide up to 10 managed policy ARNs. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
* Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated
* user session has no permissions. The only exception is when the credentials are used to access a resource
* that has a resource-based policy that specifically references the federated user session in the
* Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit. This
* is the enforced limit. The PackedPolicySize
response element indicates by percentage how
* close the policy is to the upper size limit.
*
*/
public void setPolicyArns(java.util.Collection policyArns) {
if (policyArns == null) {
this.policyArns = null;
return;
}
this.policyArns = new java.util.ArrayList(policyArns);
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session policy.
* The policies must exist in the same account as the IAM user that is requesting federated access.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies. The plain text that you use for both inline
* and managed session policies shouldn't exceed 2048 characters. You can provide up to 10 managed policy ARNs. For
* more information about ARNs, see Amazon Resource Names
* (ARNs) and AWS Service Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setPolicyArns(java.util.Collection)} or {@link #withPolicyArns(java.util.Collection)} if you want to
* override the existing values.
*
*
* @param policyArns
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session
* policy. The policies must exist in the same account as the IAM user that is requesting federated
* access.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies. The plain text
* that you use for both inline and managed session policies shouldn't exceed 2048 characters. You can
* provide up to 10 managed policy ARNs. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
* Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated
* user session has no permissions. The only exception is when the credentials are used to access a resource
* that has a resource-based policy that specifically references the federated user session in the
* Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit. This
* is the enforced limit. The PackedPolicySize
response element indicates by percentage how
* close the policy is to the upper size limit.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public GetFederationTokenRequest withPolicyArns(PolicyDescriptorType... policyArns) {
if (this.policyArns == null) {
setPolicyArns(new java.util.ArrayList(policyArns.length));
}
for (PolicyDescriptorType ele : policyArns) {
this.policyArns.add(ele);
}
return this;
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session policy.
* The policies must exist in the same account as the IAM user that is requesting federated access.
*
*
* You must pass an inline or managed session policy
* to this operation. You can pass a single JSON policy document to use as an inline session policy. You can also
* specify up to 10 managed policies to use as managed session policies. The plain text that you use for both inline
* and managed session policies shouldn't exceed 2048 characters. You can provide up to 10 managed policy ARNs. For
* more information about ARNs, see Amazon Resource Names
* (ARNs) and AWS Service Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated user
* session has no permissions. The only exception is when the credentials are used to access a resource that has a
* resource-based policy that specifically references the federated user session in the Principal
* element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the permissions for a federated user.
* You cannot use session policies to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an AWS
* conversion compresses the session policies into a packed binary format that has a separate limit. This is the
* enforced limit. The PackedPolicySize
response element indicates by percentage how close the policy
* is to the upper size limit.
*
*
*
* @param policyArns
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as a managed session
* policy. The policies must exist in the same account as the IAM user that is requesting federated
* access.
*
* You must pass an inline or managed session
* policy to this operation. You can pass a single JSON policy document to use as an inline session
* policy. You can also specify up to 10 managed policies to use as managed session policies. The plain text
* that you use for both inline and managed session policies shouldn't exceed 2048 characters. You can
* provide up to 10 managed policy ARNs. For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service
* Namespaces in the AWS General Reference.
*
*
* This parameter is optional. However, if you do not pass any session policies, then the resulting federated
* user session has no permissions. The only exception is when the credentials are used to access a resource
* that has a resource-based policy that specifically references the federated user session in the
* Principal
element of the policy.
*
*
* When you pass session policies, the session permissions are the intersection of the IAM user policies and
* the session policies that you pass. This gives you a way to further restrict the permissions for a
* federated user. You cannot use session policies to grant more permissions than those that are defined in
* the permissions policy of the IAM user. For more information, see Session
* Policies in the IAM User Guide.
*
*
*
* The characters in this parameter count towards the 2048 character session policy guideline. However, an
* AWS conversion compresses the session policies into a packed binary format that has a separate limit. This
* is the enforced limit. The PackedPolicySize
response element indicates by percentage how
* close the policy is to the upper size limit.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public GetFederationTokenRequest withPolicyArns(java.util.Collection policyArns) {
setPolicyArns(policyArns);
return this;
}
/**
*
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from
* 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions
* obtained using AWS account root user credentials are restricted to a maximum of 3,600 seconds (one hour). If the
* specified duration is longer than one hour, the session obtained by using root user credentials defaults to one
* hour.
*
*
* @param durationSeconds
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range
* from 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the
* default. Sessions obtained using AWS account root user credentials are restricted to a maximum of 3,600
* seconds (one hour). If the specified duration is longer than one hour, the session obtained by using root
* user credentials defaults to one hour.
*/
public void setDurationSeconds(Integer durationSeconds) {
this.durationSeconds = durationSeconds;
}
/**
*
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from
* 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions
* obtained using AWS account root user credentials are restricted to a maximum of 3,600 seconds (one hour). If the
* specified duration is longer than one hour, the session obtained by using root user credentials defaults to one
* hour.
*
*
* @return The duration, in seconds, that the session should last. Acceptable durations for federation sessions
* range from 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the
* default. Sessions obtained using AWS account root user credentials are restricted to a maximum of 3,600
* seconds (one hour). If the specified duration is longer than one hour, the session obtained by using root
* user credentials defaults to one hour.
*/
public Integer getDurationSeconds() {
return this.durationSeconds;
}
/**
*
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from
* 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions
* obtained using AWS account root user credentials are restricted to a maximum of 3,600 seconds (one hour). If the
* specified duration is longer than one hour, the session obtained by using root user credentials defaults to one
* hour.
*
*
* @param durationSeconds
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range
* from 900 seconds (15 minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the
* default. Sessions obtained using AWS account root user credentials are restricted to a maximum of 3,600
* seconds (one hour). If the specified duration is longer than one hour, the session obtained by using root
* user credentials defaults to one hour.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public GetFederationTokenRequest withDurationSeconds(Integer durationSeconds) {
setDurationSeconds(durationSeconds);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getName() != null)
sb.append("Name: ").append(getName()).append(",");
if (getPolicy() != null)
sb.append("Policy: ").append(getPolicy()).append(",");
if (getPolicyArns() != null)
sb.append("PolicyArns: ").append(getPolicyArns()).append(",");
if (getDurationSeconds() != null)
sb.append("DurationSeconds: ").append(getDurationSeconds());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof GetFederationTokenRequest == false)
return false;
GetFederationTokenRequest other = (GetFederationTokenRequest) obj;
if (other.getName() == null ^ this.getName() == null)
return false;
if (other.getName() != null && other.getName().equals(this.getName()) == false)
return false;
if (other.getPolicy() == null ^ this.getPolicy() == null)
return false;
if (other.getPolicy() != null && other.getPolicy().equals(this.getPolicy()) == false)
return false;
if (other.getPolicyArns() == null ^ this.getPolicyArns() == null)
return false;
if (other.getPolicyArns() != null && other.getPolicyArns().equals(this.getPolicyArns()) == false)
return false;
if (other.getDurationSeconds() == null ^ this.getDurationSeconds() == null)
return false;
if (other.getDurationSeconds() != null && other.getDurationSeconds().equals(this.getDurationSeconds()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getName() == null) ? 0 : getName().hashCode());
hashCode = prime * hashCode + ((getPolicy() == null) ? 0 : getPolicy().hashCode());
hashCode = prime * hashCode + ((getPolicyArns() == null) ? 0 : getPolicyArns().hashCode());
hashCode = prime * hashCode + ((getDurationSeconds() == null) ? 0 : getDurationSeconds().hashCode());
return hashCode;
}
@Override
public GetFederationTokenRequest clone() {
return (GetFederationTokenRequest) super.clone();
}
}