/** * Build the configured provider * * @return the configured STSAssumeRoleSessionCredentialsProvider */ public STSAssumeRoleSessionCredentialsProvider build() { return new STSAssumeRoleSessionCredentialsProvider(this); } }
this.securityTokenService = builder.sts; } else { this.securityTokenService = buildStsClient(builder); this.refreshableTask = createRefreshableTask(); this.scopeDownPolicy = builder.scopeDownPolicy;
@Override public AWSCredentials getCredentials() { if (needsNewSession()) { startSession(); } return sessionCredentials; }
@Override public void refresh() { startSession(); }
/** * Sets the AWS Security Token Service (STS) endpoint where session credentials are retrieved * from. <p></p> The default AWS Security Token Service (STS) endpoint ("sts.amazonaws.com") * works for all accounts that are not for China (Beijing) region or GovCloud. You only need to * change the endpoint to "sts.cn-north-1.amazonaws.com.cn" when you are requesting session * credentials for services in China(Beijing) region or "sts.us-gov-west-1.amazonaws.com" for * GovCloud. <p></p> Setting this invalidates existing session credentials. * * @deprecated This method may be removed in a future major version. Create multiple providers * if you need to work with multiple STS endpoints. */ @Deprecated public synchronized void setSTSClientEndpoint(String endpoint) { securityTokenService.setEndpoint(endpoint); this.refreshableTask = createRefreshableTask(); }
@Override public AWSCredentials getCredentials() { if (needsNewSession()) { startSession(); } return sessionCredentials; }
@Override public void refresh() { startSession(); }
/** * Sets the AWS Security Token Service (STS) endpoint where session credentials are retrieved * from. <p></p> The default AWS Security Token Service (STS) endpoint ("sts.amazonaws.com") * works for all accounts that are not for China (Beijing) region or GovCloud. You only need to * change the endpoint to "sts.cn-north-1.amazonaws.com.cn" when you are requesting session * credentials for services in China(Beijing) region or "sts.us-gov-west-1.amazonaws.com" for * GovCloud. <p></p> Setting this invalidates existing session credentials. * * @deprecated This method may be removed in a future major version. Create multiple providers * if you need to work with multiple STS endpoints. */ @Deprecated public synchronized void setSTSClientEndpoint(String endpoint) { securityTokenService.setEndpoint(endpoint); this.refreshableTask = createRefreshableTask(); }
new STSAssumeRoleSessionCredentialsProvider( this.cred.getAwsCredentialProvider(), roleArn,
@Override public AWSCredentials getCredentials() { if (needsNewSession()) { startSession(); } return sessionCredentials; }
@Override public void refresh() { startSession(); }
this.securityTokenService = builder.sts; } else { this.securityTokenService = buildStsClient(builder); this.refreshableTask = createRefreshableTask(); this.scopeDownPolicy = builder.scopeDownPolicy;
new STSAssumeRoleSessionCredentialsProvider( this.cred.getAwsCredentialProvider(), roleArn,
provider = new STSAssumeRoleSessionCredentialsProvider(provider, awsRole, "secor");
/** * Build the configured provider * * @return the configured STSAssumeRoleSessionCredentialsProvider */ public STSAssumeRoleSessionCredentialsProvider build() { return new STSAssumeRoleSessionCredentialsProvider(this); } }
public void setRoleToAssumeArn(String roleToAssumeArn) { this.roleToAssumeArn = roleToAssumeArn; if(!Validator.isBlank(roleToAssumeArn)) { String sessionId = "session" + Math.random(); STSAssumeRoleSessionCredentialsProvider remoteAccountCredentials = new STSAssumeRoleSessionCredentialsProvider(credentials, roleToAssumeArn, sessionId); credentials = remoteAccountCredentials; } }
@Override public Object load(final Key<?> key) throws Exception { logger.debug("CacheLoader active for Key : {}", key); Object client = key.region.createClient( key.type, new STSAssumeRoleSessionCredentialsProvider( buildRoleArn(key.accountId), ROLE_SESSION_NAME), null); return client; } });
@Provides @Singleton @S3CredentialsProvider protected AWSCredentialsProvider provideAmazonS3CredentialsProvider(AWSCredentialsProvider credentialsProvider, @SelfHostAndPort HostAndPort hostAndPort) { AWSCredentialsProvider s3CredentialsProvider = credentialsProvider; if (_config.getS3AssumeRole().isPresent()) { s3CredentialsProvider = new STSAssumeRoleSessionCredentialsProvider( credentialsProvider, _config.getS3AssumeRole().get(), "stash-" + hostAndPort.getHostText()); } return s3CredentialsProvider; }
STSAssumeRoleSessionCredentialsProvider credentialsProvider = new STSAssumeRoleSessionCredentialsProvider( (String) config.get("role_arn"), "cloudwatch_exporter"