com.amazonaws.services.securitytoken.model.AssumeRoleWithSAMLRequest Maven / Gradle / Ivy
Show all versions of aws-java-sdk-sts Show documentation
/*
* Copyright 2017-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.securitytoken.model;
import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.AmazonWebServiceRequest;
/**
*
* @see AWS API
* Documentation
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AssumeRoleWithSAMLRequest extends com.amazonaws.AmazonWebServiceRequest implements Serializable, Cloneable {
/**
*
* The Amazon Resource Name (ARN) of the role that the caller is assuming.
*
*/
private String roleArn;
/**
*
* The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
*
*/
private String principalArn;
/**
*
* The base64 encoded SAML authentication response provided by the IdP.
*
*
* For more information, see Configuring a Relying
* Party and Adding Claims in the IAM User Guide.
*
*/
private String sAMLAssertion;
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies.
* The policies must exist in the same account as the role.
*
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. For more information about ARNs, see Amazon Resource Names (ARNs)
* and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in the account that owns the role.
* You cannot use session policies to grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*/
private java.util.List policyArns;
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The resulting
* session's permissions are the intersection of the role's identity-based policy and the session policies. You can
* use the role's temporary credentials in subsequent Amazon Web Services API calls to access resources in the
* account that owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters. The JSON
* policy characters can be any ASCII character from the space character to the end of the valid character list (
* through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*/
private String policy;
/**
*
* The duration, in seconds, of the role session. Your role session lasts for the duration that you specify for the
* DurationSeconds parameter, or until the time specified in the SAML authentication response's
* SessionNotOnOrAfter value, whichever is shorter. You can provide a DurationSeconds
* value from 900 seconds (15 minutes) up to the maximum session duration setting for the role. This setting can
* have a value from 1 hour to 12 hours. If you specify a value higher than this setting, the operation fails. For
* example, if you specify a session duration of 12 hours, but your administrator set the maximum session duration
* to 6 hours, your operation fails. To learn how to view the maximum value for your role, see View
* the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you might
* request using the returned credentials. The request to the federation endpoint for a console sign-in token takes
* a SessionDuration parameter that specifies the maximum length of the console session. For more
* information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in the
* IAM User Guide.
*
*
*/
private Integer durationSeconds;
/**
*
* The Amazon Resource Name (ARN) of the role that the caller is assuming.
*
*
* @param roleArn
* The Amazon Resource Name (ARN) of the role that the caller is assuming.
*/
public void setRoleArn(String roleArn) {
this.roleArn = roleArn;
}
/**
*
* The Amazon Resource Name (ARN) of the role that the caller is assuming.
*
*
* @return The Amazon Resource Name (ARN) of the role that the caller is assuming.
*/
public String getRoleArn() {
return this.roleArn;
}
/**
*
* The Amazon Resource Name (ARN) of the role that the caller is assuming.
*
*
* @param roleArn
* The Amazon Resource Name (ARN) of the role that the caller is assuming.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withRoleArn(String roleArn) {
setRoleArn(roleArn);
return this;
}
/**
*
* The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
*
*
* @param principalArn
* The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
*/
public void setPrincipalArn(String principalArn) {
this.principalArn = principalArn;
}
/**
*
* The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
*
*
* @return The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
*/
public String getPrincipalArn() {
return this.principalArn;
}
/**
*
* The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
*
*
* @param principalArn
* The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the IdP.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withPrincipalArn(String principalArn) {
setPrincipalArn(principalArn);
return this;
}
/**
*
* The base64 encoded SAML authentication response provided by the IdP.
*
*
* For more information, see Configuring a Relying
* Party and Adding Claims in the IAM User Guide.
*
*
* @param sAMLAssertion
* The base64 encoded SAML authentication response provided by the IdP.
*
* For more information, see Configuring a
* Relying Party and Adding Claims in the IAM User Guide.
*/
public void setSAMLAssertion(String sAMLAssertion) {
this.sAMLAssertion = sAMLAssertion;
}
/**
*
* The base64 encoded SAML authentication response provided by the IdP.
*
*
* For more information, see Configuring a Relying
* Party and Adding Claims in the IAM User Guide.
*
*
* @return The base64 encoded SAML authentication response provided by the IdP.
*
* For more information, see Configuring a
* Relying Party and Adding Claims in the IAM User Guide.
*/
public String getSAMLAssertion() {
return this.sAMLAssertion;
}
/**
*
* The base64 encoded SAML authentication response provided by the IdP.
*
*
* For more information, see Configuring a Relying
* Party and Adding Claims in the IAM User Guide.
*
*
* @param sAMLAssertion
* The base64 encoded SAML authentication response provided by the IdP.
*
* For more information, see Configuring a
* Relying Party and Adding Claims in the IAM User Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withSAMLAssertion(String sAMLAssertion) {
setSAMLAssertion(sAMLAssertion);
return this;
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies.
* The policies must exist in the same account as the role.
*
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. For more information about ARNs, see Amazon Resource Names (ARNs)
* and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in the account that owns the role.
* You cannot use session policies to grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* @return The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session
* policies. The policies must exist in the same account as the role.
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters. For more information
* about ARNs, see Amazon Resource Names
* (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions
* are the intersection of the role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access resources in the account that
* owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*/
public java.util.List getPolicyArns() {
return policyArns;
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies.
* The policies must exist in the same account as the role.
*
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. For more information about ARNs, see Amazon Resource Names (ARNs)
* and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in the account that owns the role.
* You cannot use session policies to grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* @param policyArns
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session
* policies. The policies must exist in the same account as the role.
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters. For more information about
* ARNs, see Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General
* Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions
* are the intersection of the role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access resources in the account that
* owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*/
public void setPolicyArns(java.util.Collection policyArns) {
if (policyArns == null) {
this.policyArns = null;
return;
}
this.policyArns = new java.util.ArrayList(policyArns);
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies.
* The policies must exist in the same account as the role.
*
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. For more information about ARNs, see Amazon Resource Names (ARNs)
* and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in the account that owns the role.
* You cannot use session policies to grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* NOTE: This method appends the values to the existing list (if any). Use
* {@link #setPolicyArns(java.util.Collection)} or {@link #withPolicyArns(java.util.Collection)} if you want to
* override the existing values.
*
*
* @param policyArns
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session
* policies. The policies must exist in the same account as the role.
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters. For more information about
* ARNs, see Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General
* Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions
* are the intersection of the role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access resources in the account that
* owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withPolicyArns(PolicyDescriptorType... policyArns) {
if (this.policyArns == null) {
setPolicyArns(new java.util.ArrayList(policyArns.length));
}
for (PolicyDescriptorType ele : policyArns) {
this.policyArns.add(ele);
}
return this;
}
/**
*
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session policies.
* The policies must exist in the same account as the role.
*
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. For more information about ARNs, see Amazon Resource Names (ARNs)
* and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in the account that owns the role.
* You cannot use session policies to grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* @param policyArns
* The Amazon Resource Names (ARNs) of the IAM managed policies that you want to use as managed session
* policies. The policies must exist in the same account as the role.
*
* This parameter is optional. You can provide up to 10 managed policy ARNs. However, the plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters. For more information about
* ARNs, see Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General
* Reference.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* Passing policies to this operation returns new temporary credentials. The resulting session's permissions
* are the intersection of the role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access resources in the account that
* owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withPolicyArns(java.util.Collection policyArns) {
setPolicyArns(policyArns);
return this;
}
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The resulting
* session's permissions are the intersection of the role's identity-based policy and the session policies. You can
* use the role's temporary credentials in subsequent Amazon Web Services API calls to access resources in the
* account that owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters. The JSON
* policy characters can be any ASCII character from the space character to the end of the valid character list (
* through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* @param policy
* An IAM policy in JSON format that you want to use as an inline session policy.
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The
* resulting session's permissions are the intersection of the role's identity-based policy and the session
* policies. You can use the role's temporary credentials in subsequent Amazon Web Services API calls to
* access resources in the account that owns the role. You cannot use session policies to grant more
* permissions than those allowed by the identity-based policy of the role that is being assumed. For more
* information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters. The
* JSON policy characters can be any ASCII character from the space character to the end of the valid
* character list ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( )
* characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
*/
public void setPolicy(String policy) {
this.policy = policy;
}
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The resulting
* session's permissions are the intersection of the role's identity-based policy and the session policies. You can
* use the role's temporary credentials in subsequent Amazon Web Services API calls to access resources in the
* account that owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters. The JSON
* policy characters can be any ASCII character from the space character to the end of the valid character list (
* through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* @return An IAM policy in JSON format that you want to use as an inline session policy.
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The
* resulting session's permissions are the intersection of the role's identity-based policy and the session
* policies. You can use the role's temporary credentials in subsequent Amazon Web Services API calls to
* access resources in the account that owns the role. You cannot use session policies to grant more
* permissions than those allowed by the identity-based policy of the role that is being assumed. For more
* information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters.
* The JSON policy characters can be any ASCII character from the space character to the end of the valid
* character list ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( )
* characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
*/
public String getPolicy() {
return this.policy;
}
/**
*
* An IAM policy in JSON format that you want to use as an inline session policy.
*
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The resulting
* session's permissions are the intersection of the role's identity-based policy and the session policies. You can
* use the role's temporary credentials in subsequent Amazon Web Services API calls to access resources in the
* account that owns the role. You cannot use session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters. The JSON
* policy characters can be any ASCII character from the space character to the end of the valid character list (
* through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and session
* tags into a packed binary format that has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The PackedPolicySize response element indicates by
* percentage how close the policies and tags for your request are to the upper size limit.
*
*
*
* @param policy
* An IAM policy in JSON format that you want to use as an inline session policy.
*
* This parameter is optional. Passing policies to this operation returns new temporary credentials. The
* resulting session's permissions are the intersection of the role's identity-based policy and the session
* policies. You can use the role's temporary credentials in subsequent Amazon Web Services API calls to
* access resources in the account that owns the role. You cannot use session policies to grant more
* permissions than those allowed by the identity-based policy of the role that is being assumed. For more
* information, see Session
* Policies in the IAM User Guide.
*
*
* The plaintext that you use for both inline and managed session policies can't exceed 2,048 characters. The
* JSON policy characters can be any ASCII character from the space character to the end of the valid
* character list ( through \u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( )
* characters.
*
*
*
* An Amazon Web Services conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request can fail for this limit
* even if your plaintext meets the other requirements. The PackedPolicySize response element
* indicates by percentage how close the policies and tags for your request are to the upper size limit.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withPolicy(String policy) {
setPolicy(policy);
return this;
}
/**
*
* The duration, in seconds, of the role session. Your role session lasts for the duration that you specify for the
* DurationSeconds parameter, or until the time specified in the SAML authentication response's
* SessionNotOnOrAfter value, whichever is shorter. You can provide a DurationSeconds
* value from 900 seconds (15 minutes) up to the maximum session duration setting for the role. This setting can
* have a value from 1 hour to 12 hours. If you specify a value higher than this setting, the operation fails. For
* example, if you specify a session duration of 12 hours, but your administrator set the maximum session duration
* to 6 hours, your operation fails. To learn how to view the maximum value for your role, see View
* the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you might
* request using the returned credentials. The request to the federation endpoint for a console sign-in token takes
* a SessionDuration parameter that specifies the maximum length of the console session. For more
* information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in the
* IAM User Guide.
*
*
*
* @param durationSeconds
* The duration, in seconds, of the role session. Your role session lasts for the duration that you specify
* for the DurationSeconds parameter, or until the time specified in the SAML authentication
* response's SessionNotOnOrAfter value, whichever is shorter. You can provide a
* DurationSeconds value from 900 seconds (15 minutes) up to the maximum session duration
* setting for the role. This setting can have a value from 1 hour to 12 hours. If you specify a value higher
* than this setting, the operation fails. For example, if you specify a session duration of 12 hours, but
* your administrator set the maximum session duration to 6 hours, your operation fails. To learn how to view
* the maximum value for your role, see View the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you
* might request using the returned credentials. The request to the federation endpoint for a console sign-in
* token takes a SessionDuration parameter that specifies the maximum length of the console
* session. For more information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in
* the IAM User Guide.
*
*/
public void setDurationSeconds(Integer durationSeconds) {
this.durationSeconds = durationSeconds;
}
/**
*
* The duration, in seconds, of the role session. Your role session lasts for the duration that you specify for the
* DurationSeconds parameter, or until the time specified in the SAML authentication response's
* SessionNotOnOrAfter value, whichever is shorter. You can provide a DurationSeconds
* value from 900 seconds (15 minutes) up to the maximum session duration setting for the role. This setting can
* have a value from 1 hour to 12 hours. If you specify a value higher than this setting, the operation fails. For
* example, if you specify a session duration of 12 hours, but your administrator set the maximum session duration
* to 6 hours, your operation fails. To learn how to view the maximum value for your role, see View
* the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you might
* request using the returned credentials. The request to the federation endpoint for a console sign-in token takes
* a SessionDuration parameter that specifies the maximum length of the console session. For more
* information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in the
* IAM User Guide.
*
*
*
* @return The duration, in seconds, of the role session. Your role session lasts for the duration that you specify
* for the DurationSeconds parameter, or until the time specified in the SAML authentication
* response's SessionNotOnOrAfter value, whichever is shorter. You can provide a
* DurationSeconds value from 900 seconds (15 minutes) up to the maximum session duration
* setting for the role. This setting can have a value from 1 hour to 12 hours. If you specify a value
* higher than this setting, the operation fails. For example, if you specify a session duration of 12
* hours, but your administrator set the maximum session duration to 6 hours, your operation fails. To learn
* how to view the maximum value for your role, see View the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you
* might request using the returned credentials. The request to the federation endpoint for a console
* sign-in token takes a SessionDuration parameter that specifies the maximum length of the
* console session. For more information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in
* the IAM User Guide.
*
*/
public Integer getDurationSeconds() {
return this.durationSeconds;
}
/**
*
* The duration, in seconds, of the role session. Your role session lasts for the duration that you specify for the
* DurationSeconds parameter, or until the time specified in the SAML authentication response's
* SessionNotOnOrAfter value, whichever is shorter. You can provide a DurationSeconds
* value from 900 seconds (15 minutes) up to the maximum session duration setting for the role. This setting can
* have a value from 1 hour to 12 hours. If you specify a value higher than this setting, the operation fails. For
* example, if you specify a session duration of 12 hours, but your administrator set the maximum session duration
* to 6 hours, your operation fails. To learn how to view the maximum value for your role, see View
* the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you might
* request using the returned credentials. The request to the federation endpoint for a console sign-in token takes
* a SessionDuration parameter that specifies the maximum length of the console session. For more
* information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in the
* IAM User Guide.
*
*
*
* @param durationSeconds
* The duration, in seconds, of the role session. Your role session lasts for the duration that you specify
* for the DurationSeconds parameter, or until the time specified in the SAML authentication
* response's SessionNotOnOrAfter value, whichever is shorter. You can provide a
* DurationSeconds value from 900 seconds (15 minutes) up to the maximum session duration
* setting for the role. This setting can have a value from 1 hour to 12 hours. If you specify a value higher
* than this setting, the operation fails. For example, if you specify a session duration of 12 hours, but
* your administrator set the maximum session duration to 6 hours, your operation fails. To learn how to view
* the maximum value for your role, see View the Maximum Session Duration Setting for a Role in the IAM User Guide.
*
* By default, the value is set to 3600 seconds.
*
*
*
* The DurationSeconds parameter is separate from the duration of a console session that you
* might request using the returned credentials. The request to the federation endpoint for a console sign-in
* token takes a SessionDuration parameter that specifies the maximum length of the console
* session. For more information, see Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console in
* the IAM User Guide.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
public AssumeRoleWithSAMLRequest withDurationSeconds(Integer durationSeconds) {
setDurationSeconds(durationSeconds);
return this;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getRoleArn() != null)
sb.append("RoleArn: ").append(getRoleArn()).append(",");
if (getPrincipalArn() != null)
sb.append("PrincipalArn: ").append(getPrincipalArn()).append(",");
if (getSAMLAssertion() != null)
sb.append("SAMLAssertion: ").append(getSAMLAssertion()).append(",");
if (getPolicyArns() != null)
sb.append("PolicyArns: ").append(getPolicyArns()).append(",");
if (getPolicy() != null)
sb.append("Policy: ").append(getPolicy()).append(",");
if (getDurationSeconds() != null)
sb.append("DurationSeconds: ").append(getDurationSeconds());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof AssumeRoleWithSAMLRequest == false)
return false;
AssumeRoleWithSAMLRequest other = (AssumeRoleWithSAMLRequest) obj;
if (other.getRoleArn() == null ^ this.getRoleArn() == null)
return false;
if (other.getRoleArn() != null && other.getRoleArn().equals(this.getRoleArn()) == false)
return false;
if (other.getPrincipalArn() == null ^ this.getPrincipalArn() == null)
return false;
if (other.getPrincipalArn() != null && other.getPrincipalArn().equals(this.getPrincipalArn()) == false)
return false;
if (other.getSAMLAssertion() == null ^ this.getSAMLAssertion() == null)
return false;
if (other.getSAMLAssertion() != null && other.getSAMLAssertion().equals(this.getSAMLAssertion()) == false)
return false;
if (other.getPolicyArns() == null ^ this.getPolicyArns() == null)
return false;
if (other.getPolicyArns() != null && other.getPolicyArns().equals(this.getPolicyArns()) == false)
return false;
if (other.getPolicy() == null ^ this.getPolicy() == null)
return false;
if (other.getPolicy() != null && other.getPolicy().equals(this.getPolicy()) == false)
return false;
if (other.getDurationSeconds() == null ^ this.getDurationSeconds() == null)
return false;
if (other.getDurationSeconds() != null && other.getDurationSeconds().equals(this.getDurationSeconds()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getRoleArn() == null) ? 0 : getRoleArn().hashCode());
hashCode = prime * hashCode + ((getPrincipalArn() == null) ? 0 : getPrincipalArn().hashCode());
hashCode = prime * hashCode + ((getSAMLAssertion() == null) ? 0 : getSAMLAssertion().hashCode());
hashCode = prime * hashCode + ((getPolicyArns() == null) ? 0 : getPolicyArns().hashCode());
hashCode = prime * hashCode + ((getPolicy() == null) ? 0 : getPolicy().hashCode());
hashCode = prime * hashCode + ((getDurationSeconds() == null) ? 0 : getDurationSeconds().hashCode());
return hashCode;
}
@Override
public AssumeRoleWithSAMLRequest clone() {
return (AssumeRoleWithSAMLRequest) super.clone();
}
}