
software.amazon.awssdk.services.sts.model.GetFederationTokenRequest Maven / Gradle / Ivy
/*
* Copyright 2014-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.sts.model;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Consumer;
import java.util.function.Function;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration;
import software.amazon.awssdk.core.SdkField;
import software.amazon.awssdk.core.SdkPojo;
import software.amazon.awssdk.core.protocol.MarshallLocation;
import software.amazon.awssdk.core.protocol.MarshallingType;
import software.amazon.awssdk.core.traits.LocationTrait;
import software.amazon.awssdk.utils.ToString;
import software.amazon.awssdk.utils.builder.CopyableBuilder;
import software.amazon.awssdk.utils.builder.ToCopyableBuilder;
/**
*/
@Generated("software.amazon.awssdk:codegen")
public final class GetFederationTokenRequest extends StsRequest implements
ToCopyableBuilder {
private static final SdkField NAME_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(GetFederationTokenRequest::name)).setter(setter(Builder::name))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Name").build()).build();
private static final SdkField POLICY_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(GetFederationTokenRequest::policy)).setter(setter(Builder::policy))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Policy").build()).build();
private static final SdkField DURATION_SECONDS_FIELD = SdkField. builder(MarshallingType.INTEGER)
.getter(getter(GetFederationTokenRequest::durationSeconds)).setter(setter(Builder::durationSeconds))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("DurationSeconds").build()).build();
private static final List> SDK_FIELDS = Collections.unmodifiableList(Arrays.asList(NAME_FIELD, POLICY_FIELD,
DURATION_SECONDS_FIELD));
private final String name;
private final String policy;
private final Integer durationSeconds;
private GetFederationTokenRequest(BuilderImpl builder) {
super(builder);
this.name = builder.name;
this.policy = builder.policy;
this.durationSeconds = builder.durationSeconds;
}
/**
*
* The name of the federated user. The name is used as an identifier for the temporary security credentials (such as
* Bob
). For example, you can reference the federated user name in a resource-based policy, such as in
* an Amazon S3 bucket policy.
*
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@-
*
*
* @return The name of the federated user. The name is used as an identifier for the temporary security credentials
* (such as Bob
). For example, you can reference the federated user name in a resource-based
* policy, such as in an Amazon S3 bucket policy.
*
* The regex used to validate this parameter is a string of characters consisting of upper- and lower-case
* alphanumeric characters with no spaces. You can also include underscores or any of the following
* characters: =,.@-
*/
public String name() {
return name;
}
/**
*
* An IAM policy in JSON format that is passed with the GetFederationToken
call and evaluated along
* with the policy or policies that are attached to the IAM user whose credentials are used to call
* GetFederationToken
. The passed policy is used to scope down the permissions that are available to
* the IAM user, by allowing only a subset of the permissions that are granted to the IAM user. The passed policy
* cannot grant more permissions than those granted to the IAM user. The final permissions for the federated user
* are the most restrictive set based on the intersection of the passed policy and the IAM user policy.
*
*
* If you do not pass a policy, the resulting temporary security credentials have no effective permissions. The only
* exception is when the temporary security credentials are used to access a resource that has a resource-based
* policy that specifically allows the federated user to access the resource.
*
*
* The format for this parameter, as described by its regex pattern, is a string of characters up to 2048 characters
* in length. The characters can be any ASCII character from the space character to the end of the valid character
* list ( -\u00FF). It can also include the tab ( ), linefeed ( ), and carriage return ( ) characters.
*
*
*
* The policy plain text must be 2048 bytes or shorter. However, an internal conversion compresses it into a packed
* binary format with a separate limit. The PackedPolicySize response element indicates by percentage how close to
* the upper size limit the policy is, with 100% equaling the maximum allowed size.
*
*
*
* For more information about how permissions work, see Permissions for GetFederationToken.
*
*
* @return An IAM policy in JSON format that is passed with the GetFederationToken
call and evaluated
* along with the policy or policies that are attached to the IAM user whose credentials are used to call
* GetFederationToken
. The passed policy is used to scope down the permissions that are
* available to the IAM user, by allowing only a subset of the permissions that are granted to the IAM user.
* The passed policy cannot grant more permissions than those granted to the IAM user. The final permissions
* for the federated user are the most restrictive set based on the intersection of the passed policy and
* the IAM user policy.
*
* If you do not pass a policy, the resulting temporary security credentials have no effective permissions.
* The only exception is when the temporary security credentials are used to access a resource that has a
* resource-based policy that specifically allows the federated user to access the resource.
*
*
* The format for this parameter, as described by its regex pattern, is a string of characters up to 2048
* characters in length. The characters can be any ASCII character from the space character to the end of
* the valid character list ( -\u00FF). It can also include the tab ( ), linefeed ( ), and carriage return (
* ) characters.
*
*
*
* The policy plain text must be 2048 bytes or shorter. However, an internal conversion compresses it into a
* packed binary format with a separate limit. The PackedPolicySize response element indicates by percentage
* how close to the upper size limit the policy is, with 100% equaling the maximum allowed size.
*
*
*
* For more information about how permissions work, see Permissions for GetFederationToken.
*/
public String policy() {
return policy;
}
/**
*
* The duration, in seconds, that the session should last. Acceptable durations for federation sessions range from
* 900 seconds (15 minutes) to 129600 seconds (36 hours), with 43200 seconds (12 hours) as the default. Sessions
* obtained using AWS account (root) credentials are restricted to a maximum of 3600 seconds (one hour). If the
* specified duration is longer than one hour, the session obtained by using AWS account (root) credentials defaults
* to one hour.
*
*
* @return The duration, in seconds, that the session should last. Acceptable durations for federation sessions
* range from 900 seconds (15 minutes) to 129600 seconds (36 hours), with 43200 seconds (12 hours) as the
* default. Sessions obtained using AWS account (root) credentials are restricted to a maximum of 3600
* seconds (one hour). If the specified duration is longer than one hour, the session obtained by using AWS
* account (root) credentials defaults to one hour.
*/
public Integer durationSeconds() {
return durationSeconds;
}
@Override
public Builder toBuilder() {
return new BuilderImpl(this);
}
public static Builder builder() {
return new BuilderImpl();
}
public static Class extends Builder> serializableBuilderClass() {
return BuilderImpl.class;
}
@Override
public int hashCode() {
int hashCode = 1;
hashCode = 31 * hashCode + Objects.hashCode(name());
hashCode = 31 * hashCode + Objects.hashCode(policy());
hashCode = 31 * hashCode + Objects.hashCode(durationSeconds());
return hashCode;
}
@Override
public boolean equals(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof GetFederationTokenRequest)) {
return false;
}
GetFederationTokenRequest other = (GetFederationTokenRequest) obj;
return Objects.equals(name(), other.name()) && Objects.equals(policy(), other.policy())
&& Objects.equals(durationSeconds(), other.durationSeconds());
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*/
@Override
public String toString() {
return ToString.builder("GetFederationTokenRequest").add("Name", name()).add("Policy", policy())
.add("DurationSeconds", durationSeconds()).build();
}
public Optional getValueForField(String fieldName, Class clazz) {
switch (fieldName) {
case "Name":
return Optional.ofNullable(clazz.cast(name()));
case "Policy":
return Optional.ofNullable(clazz.cast(policy()));
case "DurationSeconds":
return Optional.ofNullable(clazz.cast(durationSeconds()));
default:
return Optional.empty();
}
}
@Override
public List> sdkFields() {
return SDK_FIELDS;
}
private static Function