nlansing/DedicatedServerCourse
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Lesson 35 - Get Compute Auth Token Working

Browse Source
This commit is contained in:
Norman Lansing
2026-02-28 12:32:28 -05:00
parent 1d477ee42a
commit 4fde462bce
7743 changed files with 1397833 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

816
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSClient.h Normal file
View File

@@ -0,0 +1,816 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/client/ClientConfiguration.h>
#include <aws/core/AmazonSerializableWebServiceRequest.h>
#include <aws/core/client/AWSClient.h>
#include <aws/core/client/AWSClientAsyncCRTP.h>
#include <aws/core/utils/xml/XmlSerializer.h>
#include <aws/sts/STSServiceClientModel.h>
namespace Aws
{
namespace STS
{
/**
* <fullname>Security Token Service</fullname> <p>Security Token Service (STS)
* enables you to request temporary, limited-privilege credentials for users. This
* guide provides descriptions of the STS API. For more information about using
* this service, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html">Temporary
* Security Credentials</a>.</p>
*/
class AWS_STS_API STSClient : public Aws::Client::AWSXMLClient, public Aws::Client::ClientWithAsyncTemplateMethods<STSClient>
{
public:
typedef Aws::Client::AWSXMLClient BASECLASS;
static const char* GetServiceName();
static const char* GetAllocationTag();
typedef STSClientConfiguration ClientConfigurationType;
typedef STSEndpointProvider EndpointProviderType;
/**
* Initializes client to use DefaultCredentialProviderChain, with default http client factory, and optional client config. If client config
* is not specified, it will be initialized to default values.
*/
STSClient(const Aws::STS::STSClientConfiguration& clientConfiguration = Aws::STS::STSClientConfiguration(),
std::shared_ptr<STSEndpointProviderBase> endpointProvider = nullptr);
/**
* Initializes client to use SimpleAWSCredentialsProvider, with default http client factory, and optional client config. If client config
* is not specified, it will be initialized to default values.
*/
STSClient(const Aws::Auth::AWSCredentials& credentials,
std::shared_ptr<STSEndpointProviderBase> endpointProvider = nullptr,
const Aws::STS::STSClientConfiguration& clientConfiguration = Aws::STS::STSClientConfiguration());
/**
* Initializes client to use specified credentials provider with specified client config. If http client factory is not supplied,
* the default http client factory will be used
*/
STSClient(const std::shared_ptr<Aws::Auth::AWSCredentialsProvider>& credentialsProvider,
std::shared_ptr<STSEndpointProviderBase> endpointProvider = nullptr,
const Aws::STS::STSClientConfiguration& clientConfiguration = Aws::STS::STSClientConfiguration());
/* Legacy constructors due deprecation */
/**
* Initializes client to use DefaultCredentialProviderChain, with default http client factory, and optional client config. If client config
* is not specified, it will be initialized to default values.
*/
STSClient(const Aws::Client::ClientConfiguration& clientConfiguration);
/**
* Initializes client to use SimpleAWSCredentialsProvider, with default http client factory, and optional client config. If client config
* is not specified, it will be initialized to default values.
*/
STSClient(const Aws::Auth::AWSCredentials& credentials,
const Aws::Client::ClientConfiguration& clientConfiguration);
/**
* Initializes client to use specified credentials provider with specified client config. If http client factory is not supplied,
* the default http client factory will be used
*/
STSClient(const std::shared_ptr<Aws::Auth::AWSCredentialsProvider>& credentialsProvider,
const Aws::Client::ClientConfiguration& clientConfiguration);
/* End of legacy constructors due deprecation */
virtual ~STSClient();
/**
* Converts any request object to a presigned URL with the GET method, using region for the signer and a timeout of 15 minutes.
*/
Aws::String ConvertRequestToPresignedUrl(const Aws::AmazonSerializableWebServiceRequest& requestToConvert, const char* region) const;
/**
* <p>Returns a set of temporary security credentials that you can use to access
* Amazon Web Services resources. These temporary credentials consist of an access
* key ID, a secret access key, and a security token. Typically, you use
* <code>AssumeRole</code> within your account or for cross-account access. For a
* comparison of <code>AssumeRole</code> with other API operations that produce
* temporary credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting
* Temporary Security Credentials</a> and <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing
* the Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
* <p> <b>Permissions</b> </p> <p>The temporary security credentials created by
* <code>AssumeRole</code> can be used to make API calls to any Amazon Web Services
* service with the following exception: You cannot call the Amazon Web Services
* STS <code>GetFederationToken</code> or <code>GetSessionToken</code> API
* operations.</p> <p>(Optional) You can pass inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policies</a> to this operation. You can pass a single JSON policy document to
* use as an inline session policy. You can also specify up to 10 managed policy
* Amazon Resource Names (ARNs) to use as managed session policies. The plaintext
* that you use for both inline and managed session policies can't exceed 2,048
* characters. Passing policies to this operation returns new temporary
* credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access
* resources in the account that owns the role. You cannot use session policies to
* grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>When you create a role, you
* create two policies: a role trust policy that specifies <i>who</i> can assume
* the role, and a permissions policy that specifies <i>what</i> can be done with
* the role. You specify the trusted principal that is allowed to assume the role
* in the role trust policy.</p> <p>To assume a role from a different account, your
* Amazon Web Services account must be trusted by the role. The trust relationship
* is defined in the role's trust policy when the role is created. That trust
* policy states which accounts are allowed to delegate that access to users in the
* account. </p> <p>A user who wants to access a role in a different account must
* also have permissions that are delegated from the account administrator. The
* administrator must attach a policy that allows the user to call
* <code>AssumeRole</code> for the ARN of the role in the other account.</p> <p>To
* allow a user to assume a role in the same account, you can do either of the
* following:</p> <ul> <li> <p>Attach a policy to the user that allows the user to
* call <code>AssumeRole</code> (as long as the role's trust policy trusts the
* account).</p> </li> <li> <p>Add the user as a principal directly in the role's
* trust policy.</p> </li> </ul> <p>You can do either because the roles trust
* policy acts as an IAM resource-based policy. When a resource-based policy grants
* access to a principal in the same account, no additional identity-based policy
* is required. For more information about trust policies and resource-based
* policies, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html">IAM
* Policies</a> in the <i>IAM User Guide</i>.</p> <p> <b>Tags</b> </p>
* <p>(Optional) You can pass tag key-value pairs to your session. These tags are
* called session tags. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>An administrator
* must grant you the permissions necessary to pass session tags. The administrator
* can also create granular permissions to allow you to pass only specific session
* tags. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html">Tutorial:
* Using Tags for Attribute-Based Access Control</a> in the <i>IAM User
* Guide</i>.</p> <p>You can set the session tags as transitive. Transitive tags
* persist during role chaining. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining
* Roles with Session Tags</a> in the <i>IAM User Guide</i>.</p> <p> <b>Using MFA
* with AssumeRole</b> </p> <p>(Optional) You can include multi-factor
* authentication (MFA) information when you call <code>AssumeRole</code>. This is
* useful for cross-account scenarios to ensure that the user that assumes the role
* has been authenticated with an Amazon Web Services MFA device. In that scenario,
* the trust policy of the role being assumed includes a condition that tests for
* MFA authentication. If the caller does not include valid MFA information, the
* request to assume the role is denied. The condition in a trust policy that tests
* for MFA authentication might look like the following example.</p> <p>
* <code>"Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}}</code> </p>
* <p>For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html">Configuring
* MFA-Protected API Access</a> in the <i>IAM User Guide</i> guide.</p> <p>To use
* MFA with <code>AssumeRole</code>, you pass values for the
* <code>SerialNumber</code> and <code>TokenCode</code> parameters. The
* <code>SerialNumber</code> value identifies the user's hardware or virtual MFA
* device. The <code>TokenCode</code> is the time-based one-time password (TOTP)
* that the MFA device produces. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole">AWS API
* Reference</a></p>
*/
virtual Model::AssumeRoleOutcome AssumeRole(const Model::AssumeRoleRequest& request) const;
/**
* A Callable wrapper for AssumeRole that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename AssumeRoleRequestT = Model::AssumeRoleRequest>
Model::AssumeRoleOutcomeCallable AssumeRoleCallable(const AssumeRoleRequestT& request) const
{
return SubmitCallable(&STSClient::AssumeRole, request);
}
/**
* An Async wrapper for AssumeRole that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename AssumeRoleRequestT = Model::AssumeRoleRequest>
void AssumeRoleAsync(const AssumeRoleRequestT& request, const AssumeRoleResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
{
return SubmitAsync(&STSClient::AssumeRole, request, handler, context);
}
/**
* <p>Returns a set of temporary security credentials for users who have been
* authenticated via a SAML authentication response. This operation provides a
* mechanism for tying an enterprise identity store or directory to role-based
* Amazon Web Services access without user-specific credentials or configuration.
* For a comparison of <code>AssumeRoleWithSAML</code> with the other API
* operations that produce temporary credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting
* Temporary Security Credentials</a> and <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing
* the Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
* <p>The temporary security credentials returned by this operation consist of an
* access key ID, a secret access key, and a security token. Applications can use
* these temporary security credentials to sign calls to Amazon Web Services
* services.</p> <p> <b>Session Duration</b> </p> <p>By default, the temporary
* security credentials created by <code>AssumeRoleWithSAML</code> last for one
* hour. However, you can use the optional <code>DurationSeconds</code> parameter
* to specify the duration of your session. Your role session lasts for the
* duration that you specify, or until the time specified in the SAML
* authentication response's <code>SessionNotOnOrAfter</code> value, whichever is
* shorter. You can provide a <code>DurationSeconds</code> value from 900 seconds
* (15 minutes) up to the maximum session duration setting for the role. This
* setting can have a value from 1 hour to 12 hours. To learn how to view the
* maximum value for your role, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View
* the Maximum Session Duration Setting for a Role</a> in the <i>IAM User
* Guide</i>. The maximum session duration limit applies when you use the
* <code>AssumeRole*</code> API operations or the <code>assume-role*</code> CLI
* commands. However the limit does not apply when you use those operations to
* create a console URL. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html">Using
* IAM Roles</a> in the <i>IAM User Guide</i>.</p> <p> <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-role-chaining">Role
* chaining</a> limits your CLI or Amazon Web Services API role session to a
* maximum of one hour. When you use the <code>AssumeRole</code> API operation to
* assume a role, you can specify the duration of your role session with the
* <code>DurationSeconds</code> parameter. You can specify a parameter value of up
* to 43200 seconds (12 hours), depending on the maximum session duration setting
* for your role. However, if you assume a role using role chaining and provide a
* <code>DurationSeconds</code> parameter value greater than one hour, the
* operation fails.</p> <p> <b>Permissions</b> </p> <p>The temporary
* security credentials created by <code>AssumeRoleWithSAML</code> can be used to
* make API calls to any Amazon Web Services service with the following exception:
* you cannot call the STS <code>GetFederationToken</code> or
* <code>GetSessionToken</code> API operations.</p> <p>(Optional) You can pass
* inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policies</a> to this operation. You can pass a single JSON policy document to
* use as an inline session policy. You can also specify up to 10 managed policy
* Amazon Resource Names (ARNs) to use as managed session policies. The plaintext
* that you use for both inline and managed session policies can't exceed 2,048
* characters. Passing policies to this operation returns new temporary
* credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access
* resources in the account that owns the role. You cannot use session policies to
* grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>Calling
* <code>AssumeRoleWithSAML</code> does not require the use of Amazon Web Services
* security credentials. The identity of the caller is validated by using keys in
* the metadata document that is uploaded for the SAML provider entity for your
* identity provider. </p> <p>Calling <code>AssumeRoleWithSAML</code>
* can result in an entry in your CloudTrail logs. The entry includes the value in
* the <code>NameID</code> element of the SAML assertion. We recommend that you use
* a <code>NameIDType</code> that is not associated with any personally
* identifiable information (PII). For example, you could instead use the
* persistent identifier
* (<code>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</code>).</p>
* <p> <b>Tags</b> </p> <p>(Optional) You can configure your IdP to
* pass attributes into your SAML assertion as session tags. Each session tag
* consists of a key name and an associated value. For more information about
* session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>You can pass up to
* 50 session tags. The plaintext session tag keys cant exceed 128 characters and
* the values cant exceed 256 characters. For these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is attached to the role. When you do, session tags override
* the role's tags with the same key.</p> <p>An administrator must grant you the
* permissions necessary to pass session tags. The administrator can also create
* granular permissions to allow you to pass only specific session tags. For more
* information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html">Tutorial:
* Using Tags for Attribute-Based Access Control</a> in the <i>IAM User
* Guide</i>.</p> <p>You can set the session tags as transitive. Transitive tags
* persist during role chaining. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining
* Roles with Session Tags</a> in the <i>IAM User Guide</i>.</p> <p> <b>SAML
* Configuration</b> </p> <p>Before your application can call
* <code>AssumeRoleWithSAML</code>, you must configure your SAML identity provider
* (IdP) to issue the claims required by Amazon Web Services. Additionally, you
* must use Identity and Access Management (IAM) to create a SAML provider entity
* in your Amazon Web Services account that represents your identity provider. You
* must also create an IAM role that specifies this SAML provider in its trust
* policy. </p> <p>For more information, see the following resources:</p> <ul> <li>
* <p> <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html">About
* SAML 2.0-based Federation</a> in the <i>IAM User Guide</i>. </p> </li> <li> <p>
* <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html">Creating
* SAML Identity Providers</a> in the <i>IAM User Guide</i>. </p> </li> <li> <p> <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html">Configuring
* a Relying Party and Claims</a> in the <i>IAM User Guide</i>. </p> </li> <li> <p>
* <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html">Creating
* a Role for SAML 2.0 Federation</a> in the <i>IAM User Guide</i>. </p> </li>
* </ul><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAML">AWS
* API Reference</a></p>
*/
virtual Model::AssumeRoleWithSAMLOutcome AssumeRoleWithSAML(const Model::AssumeRoleWithSAMLRequest& request) const;
/**
* A Callable wrapper for AssumeRoleWithSAML that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename AssumeRoleWithSAMLRequestT = Model::AssumeRoleWithSAMLRequest>
Model::AssumeRoleWithSAMLOutcomeCallable AssumeRoleWithSAMLCallable(const AssumeRoleWithSAMLRequestT& request) const
{
return SubmitCallable(&STSClient::AssumeRoleWithSAML, request);
}
/**
* An Async wrapper for AssumeRoleWithSAML that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename AssumeRoleWithSAMLRequestT = Model::AssumeRoleWithSAMLRequest>
void AssumeRoleWithSAMLAsync(const AssumeRoleWithSAMLRequestT& request, const AssumeRoleWithSAMLResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
{
return SubmitAsync(&STSClient::AssumeRoleWithSAML, request, handler, context);
}
/**
* <p>Returns a set of temporary security credentials for users who have been
* authenticated in a mobile or web application with a web identity provider.
* Example providers include the OAuth 2.0 providers Login with Amazon and
* Facebook, or any OpenID Connect-compatible identity provider such as Google or
* <a
* href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html">Amazon
* Cognito federated identities</a>.</p> <p>For mobile applications, we
* recommend that you use Amazon Cognito. You can use Amazon Cognito with the <a
* href="http://aws.amazon.com/sdkforios/">Amazon Web Services SDK for iOS
* Developer Guide</a> and the <a
* href="http://aws.amazon.com/sdkforandroid/">Amazon Web Services SDK for Android
* Developer Guide</a> to uniquely identify a user. You can also supply the user
* with a consistent identity throughout the lifetime of an application.</p> <p>To
* learn more about Amazon Cognito, see <a
* href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html">Amazon
* Cognito identity pools</a> in <i>Amazon Cognito Developer Guide</i>.</p>
* <p>Calling <code>AssumeRoleWithWebIdentity</code> does not require the use of
* Amazon Web Services security credentials. Therefore, you can distribute an
* application (for example, on mobile devices) that requests temporary security
* credentials without including long-term Amazon Web Services credentials in the
* application. You also don't need to deploy server-based proxy services that use
* long-term Amazon Web Services credentials. Instead, the identity of the caller
* is validated by using a token from the web identity provider. For a comparison
* of <code>AssumeRoleWithWebIdentity</code> with the other API operations that
* produce temporary credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting
* Temporary Security Credentials</a> and <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing
* the Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
* <p>The temporary security credentials returned by this API consist of an access
* key ID, a secret access key, and a security token. Applications can use these
* temporary security credentials to sign calls to Amazon Web Services service API
* operations.</p> <p> <b>Session Duration</b> </p> <p>By default, the temporary
* security credentials created by <code>AssumeRoleWithWebIdentity</code> last for
* one hour. However, you can use the optional <code>DurationSeconds</code>
* parameter to specify the duration of your session. You can provide a value from
* 900 seconds (15 minutes) up to the maximum session duration setting for the
* role. This setting can have a value from 1 hour to 12 hours. To learn how to
* view the maximum value for your role, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View
* the Maximum Session Duration Setting for a Role</a> in the <i>IAM User
* Guide</i>. The maximum session duration limit applies when you use the
* <code>AssumeRole*</code> API operations or the <code>assume-role*</code> CLI
* commands. However the limit does not apply when you use those operations to
* create a console URL. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html">Using
* IAM Roles</a> in the <i>IAM User Guide</i>. </p> <p> <b>Permissions</b> </p>
* <p>The temporary security credentials created by
* <code>AssumeRoleWithWebIdentity</code> can be used to make API calls to any
* Amazon Web Services service with the following exception: you cannot call the
* STS <code>GetFederationToken</code> or <code>GetSessionToken</code> API
* operations.</p> <p>(Optional) You can pass inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policies</a> to this operation. You can pass a single JSON policy document to
* use as an inline session policy. You can also specify up to 10 managed policy
* Amazon Resource Names (ARNs) to use as managed session policies. The plaintext
* that you use for both inline and managed session policies can't exceed 2,048
* characters. Passing policies to this operation returns new temporary
* credentials. The resulting session's permissions are the intersection of the
* role's identity-based policy and the session policies. You can use the role's
* temporary credentials in subsequent Amazon Web Services API calls to access
* resources in the account that owns the role. You cannot use session policies to
* grant more permissions than those allowed by the identity-based policy of the
* role that is being assumed. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p> <b>Tags</b> </p>
* <p>(Optional) You can configure your IdP to pass attributes into your web
* identity token as session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>You can pass up to
* 50 session tags. The plaintext session tag keys cant exceed 128 characters and
* the values cant exceed 256 characters. For these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is attached to the role. When you do, the session tag
* overrides the role tag with the same key.</p> <p>An administrator must grant you
* the permissions necessary to pass session tags. The administrator can also
* create granular permissions to allow you to pass only specific session tags. For
* more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html">Tutorial:
* Using Tags for Attribute-Based Access Control</a> in the <i>IAM User
* Guide</i>.</p> <p>You can set the session tags as transitive. Transitive tags
* persist during role chaining. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining
* Roles with Session Tags</a> in the <i>IAM User Guide</i>.</p> <p>
* <b>Identities</b> </p> <p>Before your application can call
* <code>AssumeRoleWithWebIdentity</code>, you must have an identity token from a
* supported identity provider and create a role that the application can assume.
* The role that your application assumes must trust the identity provider that is
* associated with the identity token. In other words, the identity provider must
* be specified in the role's trust policy. </p> <p>Calling
* <code>AssumeRoleWithWebIdentity</code> can result in an entry in your CloudTrail
* logs. The entry includes the <a
* href="http://openid.net/specs/openid-connect-core-1_0.html#Claims">Subject</a>
* of the provided web identity token. We recommend that you avoid using any
* personally identifiable information (PII) in this field. For example, you could
* instead use a GUID or a pairwise identifier, as <a
* href="http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes">suggested
* in the OIDC specification</a>.</p> <p>For more information about
* how to use web identity federation and the
* <code>AssumeRoleWithWebIdentity</code> API, see the following resources: </p>
* <ul> <li> <p> <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html">Using
* Web Identity Federation API Operations for Mobile Apps</a> and <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity">Federation
* Through a Web-based Identity Provider</a>. </p> </li> <li> <p> <a
* href="https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/">
* Web Identity Federation Playground</a>. Walk through the process of
* authenticating through Login with Amazon, Facebook, or Google, getting temporary
* security credentials, and then using those credentials to make a request to
* Amazon Web Services. </p> </li> <li> <p> <a
* href="http://aws.amazon.com/sdkforios/">Amazon Web Services SDK for iOS
* Developer Guide</a> and <a href="http://aws.amazon.com/sdkforandroid/">Amazon
* Web Services SDK for Android Developer Guide</a>. These toolkits contain sample
* apps that show how to invoke the identity providers. The toolkits then show how
* to use the information from these providers to get and use temporary security
* credentials. </p> </li> <li> <p> <a
* href="http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications">Web
* Identity Federation with Mobile Applications</a>. This article discusses web
* identity federation and shows an example of how to use web identity federation
* to get access to content in Amazon S3. </p> </li> </ul><p><h3>See Also:</h3>
* <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentity">AWS
* API Reference</a></p>
*/
virtual Model::AssumeRoleWithWebIdentityOutcome AssumeRoleWithWebIdentity(const Model::AssumeRoleWithWebIdentityRequest& request) const;
/**
* A Callable wrapper for AssumeRoleWithWebIdentity that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename AssumeRoleWithWebIdentityRequestT = Model::AssumeRoleWithWebIdentityRequest>
Model::AssumeRoleWithWebIdentityOutcomeCallable AssumeRoleWithWebIdentityCallable(const AssumeRoleWithWebIdentityRequestT& request) const
{
return SubmitCallable(&STSClient::AssumeRoleWithWebIdentity, request);
}
/**
* An Async wrapper for AssumeRoleWithWebIdentity that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename AssumeRoleWithWebIdentityRequestT = Model::AssumeRoleWithWebIdentityRequest>
void AssumeRoleWithWebIdentityAsync(const AssumeRoleWithWebIdentityRequestT& request, const AssumeRoleWithWebIdentityResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
{
return SubmitAsync(&STSClient::AssumeRoleWithWebIdentity, request, handler, context);
}
/**
* <p>Decodes additional information about the authorization status of a request
* from an encoded message returned in response to an Amazon Web Services
* request.</p> <p>For example, if a user is not authorized to perform an operation
* that he or she has requested, the request returns a
* <code>Client.UnauthorizedOperation</code> response (an HTTP 403 response). Some
* Amazon Web Services operations additionally return an encoded message that can
* provide details about this authorization failure. </p> <p>Only certain
* Amazon Web Services operations return an encoded authorization message. The
* documentation for an individual operation indicates whether that operation
* returns an encoded message in addition to returning an HTTP code.</p>
* <p>The message is encoded because the details of the authorization status can
* contain privileged information that the user who requested the operation should
* not see. To decode an authorization status message, a user must be granted
* permissions through an IAM <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html">policy</a>
* to request the <code>DecodeAuthorizationMessage</code>
* (<code>sts:DecodeAuthorizationMessage</code>) action. </p> <p>The decoded
* message includes the following type of information:</p> <ul> <li> <p>Whether the
* request was denied due to an explicit deny or due to the absence of an explicit
* allow. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow">Determining
* Whether a Request is Allowed or Denied</a> in the <i>IAM User Guide</i>. </p>
* </li> <li> <p>The principal who made the request.</p> </li> <li> <p>The
* requested action.</p> </li> <li> <p>The requested resource.</p> </li> <li>
* <p>The values of condition keys in the context of the user's request.</p> </li>
* </ul><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessage">AWS
* API Reference</a></p>
*/
virtual Model::DecodeAuthorizationMessageOutcome DecodeAuthorizationMessage(const Model::DecodeAuthorizationMessageRequest& request) const;
/**
* A Callable wrapper for DecodeAuthorizationMessage that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename DecodeAuthorizationMessageRequestT = Model::DecodeAuthorizationMessageRequest>
Model::DecodeAuthorizationMessageOutcomeCallable DecodeAuthorizationMessageCallable(const DecodeAuthorizationMessageRequestT& request) const
{
return SubmitCallable(&STSClient::DecodeAuthorizationMessage, request);
}
/**
* An Async wrapper for DecodeAuthorizationMessage that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename DecodeAuthorizationMessageRequestT = Model::DecodeAuthorizationMessageRequest>
void DecodeAuthorizationMessageAsync(const DecodeAuthorizationMessageRequestT& request, const DecodeAuthorizationMessageResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
{
return SubmitAsync(&STSClient::DecodeAuthorizationMessage, request, handler, context);
}
/**
* <p>Returns the account identifier for the specified access key ID.</p> <p>Access
* keys consist of two parts: an access key ID (for example,
* <code>AKIAIOSFODNN7EXAMPLE</code>) and a secret access key (for example,
* <code>wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</code>). For more information
* about access keys, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html">Managing
* Access Keys for IAM Users</a> in the <i>IAM User Guide</i>.</p> <p>When you pass
* an access key ID to this operation, it returns the ID of the Amazon Web Services
* account to which the keys belong. Access key IDs beginning with
* <code>AKIA</code> are long-term credentials for an IAM user or the Amazon Web
* Services account root user. Access key IDs beginning with <code>ASIA</code> are
* temporary credentials that are created using STS operations. If the account in
* the response belongs to you, you can sign in as the root user and review your
* root user access keys. Then, you can pull a <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html">credentials
* report</a> to learn which IAM user owns the keys. To learn who requested the
* temporary credentials for an <code>ASIA</code> access key, view the STS events
* in your <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html">CloudTrail
* logs</a> in the <i>IAM User Guide</i>.</p> <p>This operation does not indicate
* the state of the access key. The key might be active, inactive, or deleted.
* Active keys might not have permissions to perform an operation. Providing a
* deleted access key might return an error that the key doesn't
* exist.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo">AWS
* API Reference</a></p>
*/
virtual Model::GetAccessKeyInfoOutcome GetAccessKeyInfo(const Model::GetAccessKeyInfoRequest& request) const;
/**
* A Callable wrapper for GetAccessKeyInfo that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename GetAccessKeyInfoRequestT = Model::GetAccessKeyInfoRequest>
Model::GetAccessKeyInfoOutcomeCallable GetAccessKeyInfoCallable(const GetAccessKeyInfoRequestT& request) const
{
return SubmitCallable(&STSClient::GetAccessKeyInfo, request);
}
/**
* An Async wrapper for GetAccessKeyInfo that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename GetAccessKeyInfoRequestT = Model::GetAccessKeyInfoRequest>
void GetAccessKeyInfoAsync(const GetAccessKeyInfoRequestT& request, const GetAccessKeyInfoResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
{
return SubmitAsync(&STSClient::GetAccessKeyInfo, request, handler, context);
}
/**
* <p>Returns details about the IAM user or role whose credentials are used to call
* the operation.</p> <p>No permissions are required to perform this
* operation. If an administrator attaches a policy to your identity that
* explicitly denies access to the <code>sts:GetCallerIdentity</code> action, you
* can still perform this operation. Permissions are not required because the same
* information is returned when access is denied. To view an example response, see
* <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa">I
* Am Not Authorized to Perform: iam:DeleteVirtualMFADevice</a> in the <i>IAM User
* Guide</i>.</p> <p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetCallerIdentity">AWS
* API Reference</a></p>
*/
virtual Model::GetCallerIdentityOutcome GetCallerIdentity(const Model::GetCallerIdentityRequest& request = {}) const;
/**
* A Callable wrapper for GetCallerIdentity that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename GetCallerIdentityRequestT = Model::GetCallerIdentityRequest>
Model::GetCallerIdentityOutcomeCallable GetCallerIdentityCallable(const GetCallerIdentityRequestT& request = {}) const
{
return SubmitCallable(&STSClient::GetCallerIdentity, request);
}
/**
* An Async wrapper for GetCallerIdentity that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename GetCallerIdentityRequestT = Model::GetCallerIdentityRequest>
void GetCallerIdentityAsync(const GetCallerIdentityResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr, const GetCallerIdentityRequestT& request = {}) const
{
return SubmitAsync(&STSClient::GetCallerIdentity, request, handler, context);
}
/**
* <p>Returns a set of temporary security credentials (consisting of an access key
* ID, a secret access key, and a security token) for a user. A typical use is in a
* proxy application that gets temporary security credentials on behalf of
* distributed applications inside a corporate network.</p> <p>You must call the
* <code>GetFederationToken</code> operation using the long-term security
* credentials of an IAM user. As a result, this call is appropriate in contexts
* where those credentials can be safeguarded, usually in a server-based
* application. For a comparison of <code>GetFederationToken</code> with the other
* API operations that produce temporary credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting
* Temporary Security Credentials</a> and <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing
* the Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
* <p>Although it is possible to call <code>GetFederationToken</code> using the
* security credentials of an Amazon Web Services account root user rather than an
* IAM user that you create for the purpose of a proxy application, we do not
* recommend it. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials">Safeguard
* your root user credentials and don't use them for everyday tasks</a> in the
* <i>IAM User Guide</i>. </p> <p>You can create a mobile-based or
* browser-based app that can authenticate users using a web identity provider like
* Login with Amazon, Facebook, Google, or an OpenID Connect-compatible identity
* provider. In this case, we recommend that you use <a
* href="http://aws.amazon.com/cognito/">Amazon Cognito</a> or
* <code>AssumeRoleWithWebIdentity</code>. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity">Federation
* Through a Web-based Identity Provider</a> in the <i>IAM User Guide</i>.</p>
* <p> <b>Session duration</b> </p> <p>The temporary credentials are valid
* for the specified duration, from 900 seconds (15 minutes) up to a maximum of
* 129,600 seconds (36 hours). The default session duration is 43,200 seconds (12
* hours). Temporary credentials obtained by using the root user credentials have a
* maximum duration of 3,600 seconds (1 hour).</p> <p> <b>Permissions</b> </p>
* <p>You can use the temporary credentials created by
* <code>GetFederationToken</code> in any Amazon Web Services service with the
* following exceptions:</p> <ul> <li> <p>You cannot call any IAM operations using
* the CLI or the Amazon Web Services API. This limitation does not apply to
* console sessions.</p> </li> <li> <p>You cannot call any STS operations except
* <code>GetCallerIdentity</code>.</p> </li> </ul> <p>You can use temporary
* credentials for single sign-on (SSO) to the console.</p> <p>You must pass an
* inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048
* characters.</p> <p>Though the session policy parameters are optional, if you do
* not pass a policy, then the resulting federated user session has no permissions.
* When you pass session policies, the session permissions are the intersection of
* the IAM user policies and the session policies that you pass. This gives you a
* way to further restrict the permissions for a federated user. You cannot use
* session policies to grant more permissions than those that are defined in the
* permissions policy of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>. For information about using
* <code>GetFederationToken</code> to create temporary security credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken">GetFederationToken—Federation
* Through a Custom Identity Broker</a>. </p> <p>You can use the credentials to
* access a resource that has a resource-based policy. If that policy specifically
* references the federated user session in the <code>Principal</code> element of
* the policy, the session has the permissions allowed by the policy. These
* permissions are granted in addition to the permissions granted by the session
* policies.</p> <p> <b>Tags</b> </p> <p>(Optional) You can pass tag key-value
* pairs to your session. These are called session tags. For more information about
* session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>You can
* create a mobile-based or browser-based app that can authenticate users using a
* web identity provider like Login with Amazon, Facebook, Google, or an OpenID
* Connect-compatible identity provider. In this case, we recommend that you use <a
* href="http://aws.amazon.com/cognito/">Amazon Cognito</a> or
* <code>AssumeRoleWithWebIdentity</code>. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity">Federation
* Through a Web-based Identity Provider</a> in the <i>IAM User Guide</i>.</p>
* <p>An administrator must grant you the permissions necessary to pass
* session tags. The administrator can also create granular permissions to allow
* you to pass only specific session tags. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html">Tutorial:
* Using Tags for Attribute-Based Access Control</a> in the <i>IAM User
* Guide</i>.</p> <p>Tag keyvalue pairs are not case sensitive, but case is
* preserved. This means that you cannot have separate <code>Department</code> and
* <code>department</code> tag keys. Assume that the user that you are federating
* has the <code>Department</code>=<code>Marketing</code> tag and you pass the
* <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the user
* tag.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationToken">AWS
* API Reference</a></p>
*/
virtual Model::GetFederationTokenOutcome GetFederationToken(const Model::GetFederationTokenRequest& request) const;
/**
* A Callable wrapper for GetFederationToken that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename GetFederationTokenRequestT = Model::GetFederationTokenRequest>
Model::GetFederationTokenOutcomeCallable GetFederationTokenCallable(const GetFederationTokenRequestT& request) const
{
return SubmitCallable(&STSClient::GetFederationToken, request);
}
/**
* An Async wrapper for GetFederationToken that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename GetFederationTokenRequestT = Model::GetFederationTokenRequest>
void GetFederationTokenAsync(const GetFederationTokenRequestT& request, const GetFederationTokenResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr) const
{
return SubmitAsync(&STSClient::GetFederationToken, request, handler, context);
}
/**
* <p>Returns a set of temporary credentials for an Amazon Web Services account or
* IAM user. The credentials consist of an access key ID, a secret access key, and
* a security token. Typically, you use <code>GetSessionToken</code> if you want to
* use MFA to protect programmatic calls to specific Amazon Web Services API
* operations like Amazon EC2 <code>StopInstances</code>.</p> <p>MFA-enabled IAM
* users must call <code>GetSessionToken</code> and submit an MFA code that is
* associated with their MFA device. Using the temporary security credentials that
* the call returns, IAM users can then make programmatic calls to API operations
* that require MFA authentication. An incorrect MFA code causes the API to return
* an access denied error. For a comparison of <code>GetSessionToken</code> with
* the other API operations that produce temporary credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html">Requesting
* Temporary Security Credentials</a> and <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison">Comparing
* the Amazon Web Services STS API operations</a> in the <i>IAM User Guide</i>.</p>
* <p>No permissions are required for users to perform this operation. The
* purpose of the <code>sts:GetSessionToken</code> operation is to authenticate the
* user using MFA. You cannot use policies to control authentication operations.
* For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html">Permissions
* for GetSessionToken</a> in the <i>IAM User Guide</i>.</p> <p> <b>Session
* Duration</b> </p> <p>The <code>GetSessionToken</code> operation must be called
* by using the long-term Amazon Web Services security credentials of an IAM user.
* Credentials that are created by IAM users are valid for the duration that you
* specify. This duration can range from 900 seconds (15 minutes) up to a maximum
* of 129,600 seconds (36 hours), with a default of 43,200 seconds (12 hours).
* Credentials based on account credentials can range from 900 seconds (15 minutes)
* up to 3,600 seconds (1 hour), with a default of 1 hour. </p> <p>
* <b>Permissions</b> </p> <p>The temporary security credentials created by
* <code>GetSessionToken</code> can be used to make API calls to any Amazon Web
* Services service with the following exceptions:</p> <ul> <li> <p>You cannot call
* any IAM API operations unless MFA authentication information is included in the
* request.</p> </li> <li> <p>You cannot call any STS API <i>except</i>
* <code>AssumeRole</code> or <code>GetCallerIdentity</code>.</p> </li> </ul>
* <p>The credentials that <code>GetSessionToken</code> returns are based on
* permissions associated with the IAM user whose credentials were used to call the
* operation. The temporary credentials have the same permissions as the IAM
* user.</p> <p>Although it is possible to call <code>GetSessionToken</code>
* using the security credentials of an Amazon Web Services account root user
* rather than an IAM user, we do not recommend it. If <code>GetSessionToken</code>
* is called using root user credentials, the temporary credentials have root user
* permissions. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials">Safeguard
* your root user credentials and don't use them for everyday tasks</a> in the
* <i>IAM User Guide</i> </p> <p>For more information about using
* <code>GetSessionToken</code> to create temporary credentials, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken">Temporary
* Credentials for Users in Untrusted Environments</a> in the <i>IAM User
* Guide</i>. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionToken">AWS
* API Reference</a></p>
*/
virtual Model::GetSessionTokenOutcome GetSessionToken(const Model::GetSessionTokenRequest& request = {}) const;
/**
* A Callable wrapper for GetSessionToken that returns a future to the operation so that it can be executed in parallel to other requests.
*/
template<typename GetSessionTokenRequestT = Model::GetSessionTokenRequest>
Model::GetSessionTokenOutcomeCallable GetSessionTokenCallable(const GetSessionTokenRequestT& request = {}) const
{
return SubmitCallable(&STSClient::GetSessionToken, request);
}
/**
* An Async wrapper for GetSessionToken that queues the request into a thread executor and triggers associated callback when operation has finished.
*/
template<typename GetSessionTokenRequestT = Model::GetSessionTokenRequest>
void GetSessionTokenAsync(const GetSessionTokenResponseReceivedHandler& handler, const std::shared_ptr<const Aws::Client::AsyncCallerContext>& context = nullptr, const GetSessionTokenRequestT& request = {}) const
{
return SubmitAsync(&STSClient::GetSessionToken, request, handler, context);
}
void OverrideEndpoint(const Aws::String& endpoint);
std::shared_ptr<STSEndpointProviderBase>& accessEndpointProvider();
private:
friend class Aws::Client::ClientWithAsyncTemplateMethods<STSClient>;
void init(const STSClientConfiguration& clientConfiguration);
STSClientConfiguration m_clientConfiguration;
std::shared_ptr<STSEndpointProviderBase> m_endpointProvider;
};
} // namespace STS
} // namespace Aws

61
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSEndpointProvider.h Normal file
View File

@@ -0,0 +1,61 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/client/GenericClientConfiguration.h>
#include <aws/core/endpoint/DefaultEndpointProvider.h>
#include <aws/core/endpoint/EndpointParameter.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/sts/STSEndpointRules.h>
namespace Aws
{
namespace STS
{
namespace Endpoint
{
using EndpointParameters = Aws::Endpoint::EndpointParameters;
using Aws::Endpoint::EndpointProviderBase;
using Aws::Endpoint::DefaultEndpointProvider;
using STSClientContextParameters = Aws::Endpoint::ClientContextParameters;
using STSClientConfiguration = Aws::Client::GenericClientConfiguration;
using STSBuiltInParameters = Aws::Endpoint::BuiltInParameters;
/**
* The type for the STS Client Endpoint Provider.
* Inherit from this Base class / "Interface" should you want to provide a custom endpoint provider.
* The SDK must use service-specific type for each service per specification.
*/
using STSEndpointProviderBase =
EndpointProviderBase<STSClientConfiguration, STSBuiltInParameters, STSClientContextParameters>;
using STSDefaultEpProviderBase =
DefaultEndpointProvider<STSClientConfiguration, STSBuiltInParameters, STSClientContextParameters>;
/**
* Default endpoint provider used for this service
*/
class AWS_STS_API STSEndpointProvider : public STSDefaultEpProviderBase
{
public:
using STSResolveEndpointOutcome = Aws::Endpoint::ResolveEndpointOutcome;
STSEndpointProvider()
: STSDefaultEpProviderBase(Aws::STS::STSEndpointRules::GetRulesBlob(), Aws::STS::STSEndpointRules::RulesBlobSize)
{}
~STSEndpointProvider()
{
}
};
} // namespace Endpoint
} // namespace STS
} // namespace Aws

23
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSEndpointRules.h Normal file
View File

@@ -0,0 +1,23 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <cstddef>
#include <aws/sts/STS_EXPORTS.h>
namespace Aws
{
namespace STS
{
class STSEndpointRules
{
public:
static const size_t RulesBlobStrLen;
static const size_t RulesBlobSize;
static const char* GetRulesBlob();
};
} // namespace STS
} // namespace Aws

23
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSErrorMarshaller.h Normal file
View File

@@ -0,0 +1,23 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/client/AWSErrorMarshaller.h>
namespace Aws
{
namespace Client
{
class AWS_STS_API STSErrorMarshaller : public Aws::Client::XmlErrorMarshaller
{
public:
Aws::Client::AWSError<Aws::Client::CoreErrors> FindErrorByName(const char* exceptionName) const override;
};
} // namespace Client
} // namespace Aws

79
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSErrors.h Normal file
View File

@@ -0,0 +1,79 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/core/client/AWSError.h>
#include <aws/core/client/CoreErrors.h>
#include <aws/sts/STS_EXPORTS.h>
namespace Aws
{
namespace STS
{
enum class STSErrors
{
//From Core//
//////////////////////////////////////////////////////////////////////////////////////////
INCOMPLETE_SIGNATURE = 0,
INTERNAL_FAILURE = 1,
INVALID_ACTION = 2,
INVALID_CLIENT_TOKEN_ID = 3,
INVALID_PARAMETER_COMBINATION = 4,
INVALID_QUERY_PARAMETER = 5,
INVALID_PARAMETER_VALUE = 6,
MISSING_ACTION = 7, // SDK should never allow
MISSING_AUTHENTICATION_TOKEN = 8, // SDK should never allow
MISSING_PARAMETER = 9, // SDK should never allow
OPT_IN_REQUIRED = 10,
REQUEST_EXPIRED = 11,
SERVICE_UNAVAILABLE = 12,
THROTTLING = 13,
VALIDATION = 14,
ACCESS_DENIED = 15,
RESOURCE_NOT_FOUND = 16,
UNRECOGNIZED_CLIENT = 17,
MALFORMED_QUERY_STRING = 18,
SLOW_DOWN = 19,
REQUEST_TIME_TOO_SKEWED = 20,
INVALID_SIGNATURE = 21,
SIGNATURE_DOES_NOT_MATCH = 22,
INVALID_ACCESS_KEY_ID = 23,
REQUEST_TIMEOUT = 24,
NETWORK_CONNECTION = 99,
UNKNOWN = 100,
///////////////////////////////////////////////////////////////////////////////////////////
EXPIRED_TOKEN= static_cast<int>(Aws::Client::CoreErrors::SERVICE_EXTENSION_START_RANGE) + 1,
INVALID_AUTHORIZATION_MESSAGE,
INVALID_IDENTITY_TOKEN,
I_D_P_COMMUNICATION_ERROR,
I_D_P_REJECTED_CLAIM,
MALFORMED_POLICY_DOCUMENT,
PACKED_POLICY_TOO_LARGE,
REGION_DISABLED
};
class AWS_STS_API STSError : public Aws::Client::AWSError<STSErrors>
{
public:
STSError() {}
STSError(const Aws::Client::AWSError<Aws::Client::CoreErrors>& rhs) : Aws::Client::AWSError<STSErrors>(rhs) {}
STSError(Aws::Client::AWSError<Aws::Client::CoreErrors>&& rhs) : Aws::Client::AWSError<STSErrors>(rhs) {}
STSError(const Aws::Client::AWSError<STSErrors>& rhs) : Aws::Client::AWSError<STSErrors>(rhs) {}
STSError(Aws::Client::AWSError<STSErrors>&& rhs) : Aws::Client::AWSError<STSErrors>(rhs) {}
template <typename T>
T GetModeledError();
};
namespace STSErrorMapper
{
AWS_STS_API Aws::Client::AWSError<Aws::Client::CoreErrors> GetErrorForName(const char* errorName);
}
} // namespace STS
} // namespace Aws

46
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSRequest.h Normal file
View File

@@ -0,0 +1,46 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/endpoint/AWSEndpoint.h>
#include <aws/core/AmazonSerializableWebServiceRequest.h>
#include <aws/core/utils/UnreferencedParam.h>
#include <aws/core/http/HttpRequest.h>
namespace Aws
{
namespace STS
{
class AWS_STS_API STSRequest : public Aws::AmazonSerializableWebServiceRequest
{
public:
using EndpointParameter = Aws::Endpoint::EndpointParameter;
using EndpointParameters = Aws::Endpoint::EndpointParameters;
virtual ~STSRequest () {}
void AddParametersToRequest(Aws::Http::HttpRequest& httpRequest) const { AWS_UNREFERENCED_PARAM(httpRequest); }
inline Aws::Http::HeaderValueCollection GetHeaders() const override
{
auto headers = GetRequestSpecificHeaders();
if(headers.size() == 0 || (headers.size() > 0 && headers.count(Aws::Http::CONTENT_TYPE_HEADER) == 0))
{
headers.emplace(Aws::Http::HeaderValuePair(Aws::Http::CONTENT_TYPE_HEADER, Aws::FORM_CONTENT_TYPE ));
}
headers.emplace(Aws::Http::HeaderValuePair(Aws::Http::API_VERSION_HEADER, "2011-06-15"));
return headers;
}
protected:
virtual Aws::Http::HeaderValueCollection GetRequestSpecificHeaders() const { return Aws::Http::HeaderValueCollection(); }
};
} // namespace STS
} // namespace Aws

117
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STSServiceClientModel.h Normal file
View File

@@ -0,0 +1,117 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
/* Generic header includes */
#include <aws/sts/STSErrors.h>
#include <aws/core/client/GenericClientConfiguration.h>
#include <aws/core/client/AWSError.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/client/AsyncCallerContext.h>
#include <aws/core/http/HttpTypes.h>
#include <aws/sts/STSEndpointProvider.h>
#include <future>
#include <functional>
/* End of generic header includes */
/* Service model headers required in STSClient header */
#include <aws/sts/model/AssumeRoleResult.h>
#include <aws/sts/model/AssumeRoleWithSAMLResult.h>
#include <aws/sts/model/AssumeRoleWithWebIdentityResult.h>
#include <aws/sts/model/DecodeAuthorizationMessageResult.h>
#include <aws/sts/model/GetAccessKeyInfoResult.h>
#include <aws/sts/model/GetCallerIdentityResult.h>
#include <aws/sts/model/GetFederationTokenResult.h>
#include <aws/sts/model/GetSessionTokenResult.h>
#include <aws/sts/model/GetCallerIdentityRequest.h>
#include <aws/sts/model/GetSessionTokenRequest.h>
/* End of service model headers required in STSClient header */
namespace Aws
{
namespace Http
{
class HttpClient;
class HttpClientFactory;
} // namespace Http
namespace Utils
{
template< typename R, typename E> class Outcome;
namespace Threading
{
class Executor;
} // namespace Threading
} // namespace Utils
namespace Auth
{
class AWSCredentials;
class AWSCredentialsProvider;
} // namespace Auth
namespace Client
{
class RetryStrategy;
} // namespace Client
namespace STS
{
using STSClientConfiguration = Aws::Client::GenericClientConfiguration;
using STSEndpointProviderBase = Aws::STS::Endpoint::STSEndpointProviderBase;
using STSEndpointProvider = Aws::STS::Endpoint::STSEndpointProvider;
namespace Model
{
/* Service model forward declarations required in STSClient header */
class AssumeRoleRequest;
class AssumeRoleWithSAMLRequest;
class AssumeRoleWithWebIdentityRequest;
class DecodeAuthorizationMessageRequest;
class GetAccessKeyInfoRequest;
class GetCallerIdentityRequest;
class GetFederationTokenRequest;
class GetSessionTokenRequest;
/* End of service model forward declarations required in STSClient header */
/* Service model Outcome class definitions */
typedef Aws::Utils::Outcome<AssumeRoleResult, STSError> AssumeRoleOutcome;
typedef Aws::Utils::Outcome<AssumeRoleWithSAMLResult, STSError> AssumeRoleWithSAMLOutcome;
typedef Aws::Utils::Outcome<AssumeRoleWithWebIdentityResult, STSError> AssumeRoleWithWebIdentityOutcome;
typedef Aws::Utils::Outcome<DecodeAuthorizationMessageResult, STSError> DecodeAuthorizationMessageOutcome;
typedef Aws::Utils::Outcome<GetAccessKeyInfoResult, STSError> GetAccessKeyInfoOutcome;
typedef Aws::Utils::Outcome<GetCallerIdentityResult, STSError> GetCallerIdentityOutcome;
typedef Aws::Utils::Outcome<GetFederationTokenResult, STSError> GetFederationTokenOutcome;
typedef Aws::Utils::Outcome<GetSessionTokenResult, STSError> GetSessionTokenOutcome;
/* End of service model Outcome class definitions */
/* Service model Outcome callable definitions */
typedef std::future<AssumeRoleOutcome> AssumeRoleOutcomeCallable;
typedef std::future<AssumeRoleWithSAMLOutcome> AssumeRoleWithSAMLOutcomeCallable;
typedef std::future<AssumeRoleWithWebIdentityOutcome> AssumeRoleWithWebIdentityOutcomeCallable;
typedef std::future<DecodeAuthorizationMessageOutcome> DecodeAuthorizationMessageOutcomeCallable;
typedef std::future<GetAccessKeyInfoOutcome> GetAccessKeyInfoOutcomeCallable;
typedef std::future<GetCallerIdentityOutcome> GetCallerIdentityOutcomeCallable;
typedef std::future<GetFederationTokenOutcome> GetFederationTokenOutcomeCallable;
typedef std::future<GetSessionTokenOutcome> GetSessionTokenOutcomeCallable;
/* End of service model Outcome callable definitions */
} // namespace Model
class STSClient;
/* Service model async handlers definitions */
typedef std::function<void(const STSClient*, const Model::AssumeRoleRequest&, const Model::AssumeRoleOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > AssumeRoleResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::AssumeRoleWithSAMLRequest&, const Model::AssumeRoleWithSAMLOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > AssumeRoleWithSAMLResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::AssumeRoleWithWebIdentityRequest&, const Model::AssumeRoleWithWebIdentityOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > AssumeRoleWithWebIdentityResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::DecodeAuthorizationMessageRequest&, const Model::DecodeAuthorizationMessageOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > DecodeAuthorizationMessageResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::GetAccessKeyInfoRequest&, const Model::GetAccessKeyInfoOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetAccessKeyInfoResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::GetCallerIdentityRequest&, const Model::GetCallerIdentityOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetCallerIdentityResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::GetFederationTokenRequest&, const Model::GetFederationTokenOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetFederationTokenResponseReceivedHandler;
typedef std::function<void(const STSClient*, const Model::GetSessionTokenRequest&, const Model::GetSessionTokenOutcome&, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) > GetSessionTokenResponseReceivedHandler;
/* End of service model async handlers definitions */
} // namespace STS
} // namespace Aws

32
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/STS_EXPORTS.h Normal file
View File

@@ -0,0 +1,32 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#ifdef _MSC_VER
//disable windows complaining about max template size.
#pragma warning (disable : 4503)
#endif // _MSC_VER
#if defined (USE_WINDOWS_DLL_SEMANTICS) || defined (_WIN32)
#ifdef _MSC_VER
#pragma warning(disable : 4251)
#endif // _MSC_VER
#ifdef USE_IMPORT_EXPORT
#ifdef AWS_STS_EXPORTS
#define AWS_STS_API __declspec(dllexport)
#else
#define AWS_STS_API __declspec(dllimport)
#endif /* AWS_STS_EXPORTS */
#define AWS_STS_EXTERN
#else
#define AWS_STS_API
#define AWS_STS_EXTERN extern
#endif // USE_IMPORT_EXPORT
#else // defined (USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32)
#define AWS_STS_API
#define AWS_STS_EXTERN extern
#endif // defined (USE_WINDOWS_DLL_SEMANTICS) || defined (WIN32)

411
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumeRoleRequest.h Normal file
View File

@@ -0,0 +1,411 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/sts/model/PolicyDescriptorType.h>
#include <aws/sts/model/Tag.h>
#include <aws/sts/model/ProvidedContext.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class AssumeRoleRequest : public STSRequest
{
public:
AWS_STS_API AssumeRoleRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "AssumeRole"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The Amazon Resource Name (ARN) of the role to assume.</p>
*/
inline const Aws::String& GetRoleArn() const{ return m_roleArn; }
inline bool RoleArnHasBeenSet() const { return m_roleArnHasBeenSet; }
inline void SetRoleArn(const Aws::String& value) { m_roleArnHasBeenSet = true; m_roleArn = value; }
inline void SetRoleArn(Aws::String&& value) { m_roleArnHasBeenSet = true; m_roleArn = std::move(value); }
inline void SetRoleArn(const char* value) { m_roleArnHasBeenSet = true; m_roleArn.assign(value); }
inline AssumeRoleRequest& WithRoleArn(const Aws::String& value) { SetRoleArn(value); return *this;}
inline AssumeRoleRequest& WithRoleArn(Aws::String&& value) { SetRoleArn(std::move(value)); return *this;}
inline AssumeRoleRequest& WithRoleArn(const char* value) { SetRoleArn(value); return *this;}
///@}
///@{
/**
* <p>An identifier for the assumed role session.</p> <p>Use the role session name
* to uniquely identify a session when the same role is assumed by different
* principals or for different reasons. In cross-account scenarios, the role
* session name is visible to, and can be logged by the account that owns the role.
* The role session name is also used in the ARN of the assumed role principal.
* This means that subsequent cross-account API requests that use the temporary
* security credentials will expose the role session name to the external account
* in their CloudTrail logs.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline const Aws::String& GetRoleSessionName() const{ return m_roleSessionName; }
inline bool RoleSessionNameHasBeenSet() const { return m_roleSessionNameHasBeenSet; }
inline void SetRoleSessionName(const Aws::String& value) { m_roleSessionNameHasBeenSet = true; m_roleSessionName = value; }
inline void SetRoleSessionName(Aws::String&& value) { m_roleSessionNameHasBeenSet = true; m_roleSessionName = std::move(value); }
inline void SetRoleSessionName(const char* value) { m_roleSessionNameHasBeenSet = true; m_roleSessionName.assign(value); }
inline AssumeRoleRequest& WithRoleSessionName(const Aws::String& value) { SetRoleSessionName(value); return *this;}
inline AssumeRoleRequest& WithRoleSessionName(Aws::String&& value) { SetRoleSessionName(std::move(value)); return *this;}
inline AssumeRoleRequest& WithRoleSessionName(const char* value) { SetRoleSessionName(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as managed session policies. The policies must exist in the same account as
* the role.</p> <p>This parameter is optional. You can provide up to 10 managed
* policy ARNs. However, the plaintext that you use for both inline and managed
* session policies can't exceed 2,048 characters. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>An Amazon Web Services
* conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request
* can fail for this limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
* <p>Passing policies to this operation returns new temporary credentials. The
* resulting session's permissions are the intersection of the role's
* identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in
* the account that owns the role. You cannot use session policies to grant more
* permissions than those allowed by the identity-based policy of the role that is
* being assumed. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::Vector<PolicyDescriptorType>& GetPolicyArns() const{ return m_policyArns; }
inline bool PolicyArnsHasBeenSet() const { return m_policyArnsHasBeenSet; }
inline void SetPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { m_policyArnsHasBeenSet = true; m_policyArns = value; }
inline void SetPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { m_policyArnsHasBeenSet = true; m_policyArns = std::move(value); }
inline AssumeRoleRequest& WithPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { SetPolicyArns(value); return *this;}
inline AssumeRoleRequest& WithPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { SetPolicyArns(std::move(value)); return *this;}
inline AssumeRoleRequest& AddPolicyArns(const PolicyDescriptorType& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(value); return *this; }
inline AssumeRoleRequest& AddPolicyArns(PolicyDescriptorType&& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(std::move(value)); return *this; }
///@}
///@{
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>This parameter is optional. Passing policies to this operation
* returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You
* can use the role's temporary credentials in subsequent Amazon Web Services API
* calls to access resources in the account that owns the role. You cannot use
* session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information,
* see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. The JSON
* policy characters can be any ASCII character from the space character to the end
* of the valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline const Aws::String& GetPolicy() const{ return m_policy; }
inline bool PolicyHasBeenSet() const { return m_policyHasBeenSet; }
inline void SetPolicy(const Aws::String& value) { m_policyHasBeenSet = true; m_policy = value; }
inline void SetPolicy(Aws::String&& value) { m_policyHasBeenSet = true; m_policy = std::move(value); }
inline void SetPolicy(const char* value) { m_policyHasBeenSet = true; m_policy.assign(value); }
inline AssumeRoleRequest& WithPolicy(const Aws::String& value) { SetPolicy(value); return *this;}
inline AssumeRoleRequest& WithPolicy(Aws::String&& value) { SetPolicy(std::move(value)); return *this;}
inline AssumeRoleRequest& WithPolicy(const char* value) { SetPolicy(value); return *this;}
///@}
///@{
/**
* <p>The duration, in seconds, of the role session. The value specified can range
* from 900 seconds (15 minutes) up to the maximum session duration set for the
* role. The maximum session duration setting can have a value from 1 hour to 12
* hours. If you specify a value higher than this setting or the administrator
* setting (whichever is lower), the operation fails. For example, if you specify a
* session duration of 12 hours, but your administrator set the maximum session
* duration to 6 hours, your operation fails. </p> <p>Role chaining limits your
* Amazon Web Services CLI or Amazon Web Services API role session to a maximum of
* one hour. When you use the <code>AssumeRole</code> API operation to assume a
* role, you can specify the duration of your role session with the
* <code>DurationSeconds</code> parameter. You can specify a parameter value of up
* to 43200 seconds (12 hours), depending on the maximum session duration setting
* for your role. However, if you assume a role using role chaining and provide a
* <code>DurationSeconds</code> parameter value greater than one hour, the
* operation fails. To learn how to view the maximum value for your role, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View
* the Maximum Session Duration Setting for a Role</a> in the <i>IAM User
* Guide</i>.</p> <p>By default, the value is set to <code>3600</code> seconds.
* </p> <p>The <code>DurationSeconds</code> parameter is separate from the
* duration of a console session that you might request using the returned
* credentials. The request to the federation endpoint for a console sign-in token
* takes a <code>SessionDuration</code> parameter that specifies the maximum length
* of the console session. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating
* a URL that Enables Federated Users to Access the Amazon Web Services Management
* Console</a> in the <i>IAM User Guide</i>.</p>
*/
inline int GetDurationSeconds() const{ return m_durationSeconds; }
inline bool DurationSecondsHasBeenSet() const { return m_durationSecondsHasBeenSet; }
inline void SetDurationSeconds(int value) { m_durationSecondsHasBeenSet = true; m_durationSeconds = value; }
inline AssumeRoleRequest& WithDurationSeconds(int value) { SetDurationSeconds(value); return *this;}
///@}
///@{
/**
* <p>A list of session tags that you want to pass. Each session tag consists of a
* key name and an associated value. For more information about session tags, see
* <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Tagging
* Amazon Web Services STS Sessions</a> in the <i>IAM User Guide</i>.</p> <p>This
* parameter is optional. You can pass up to 50 session tags. The plaintext session
* tag keys cant exceed 128 characters, and the values cant exceed 256
* characters. For these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the role. When you do, session tags
* override a role tag with the same key. </p> <p>Tag keyvalue pairs are not case
* sensitive, but case is preserved. This means that you cannot have separate
* <code>Department</code> and <code>department</code> tag keys. Assume that the
* role has the <code>Department</code>=<code>Marketing</code> tag and you pass the
* <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p> <p>Additionally, if you used temporary credentials to perform this
* operation, the new session inherits any transitive session tags from the calling
* session. If you pass a session tag with the same key as an inherited tag, the
* operation fails. To view the inherited tags for a session, see the CloudTrail
* logs. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_ctlogs">Viewing
* Session Tags in CloudTrail</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::Vector<Tag>& GetTags() const{ return m_tags; }
inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
inline void SetTags(const Aws::Vector<Tag>& value) { m_tagsHasBeenSet = true; m_tags = value; }
inline void SetTags(Aws::Vector<Tag>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
inline AssumeRoleRequest& WithTags(const Aws::Vector<Tag>& value) { SetTags(value); return *this;}
inline AssumeRoleRequest& WithTags(Aws::Vector<Tag>&& value) { SetTags(std::move(value)); return *this;}
inline AssumeRoleRequest& AddTags(const Tag& value) { m_tagsHasBeenSet = true; m_tags.push_back(value); return *this; }
inline AssumeRoleRequest& AddTags(Tag&& value) { m_tagsHasBeenSet = true; m_tags.push_back(std::move(value)); return *this; }
///@}
///@{
/**
* <p>A list of keys for session tags that you want to set as transitive. If you
* set a tag key as transitive, the corresponding key and value passes to
* subsequent sessions in a role chain. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining">Chaining
* Roles with Session Tags</a> in the <i>IAM User Guide</i>.</p> <p>This parameter
* is optional. When you set session tags as transitive, the session policy and
* session tags packed binary limit is not affected.</p> <p>If you choose not to
* specify a transitive tag key, then no tags are passed from this session to any
* subsequent sessions.</p>
*/
inline const Aws::Vector<Aws::String>& GetTransitiveTagKeys() const{ return m_transitiveTagKeys; }
inline bool TransitiveTagKeysHasBeenSet() const { return m_transitiveTagKeysHasBeenSet; }
inline void SetTransitiveTagKeys(const Aws::Vector<Aws::String>& value) { m_transitiveTagKeysHasBeenSet = true; m_transitiveTagKeys = value; }
inline void SetTransitiveTagKeys(Aws::Vector<Aws::String>&& value) { m_transitiveTagKeysHasBeenSet = true; m_transitiveTagKeys = std::move(value); }
inline AssumeRoleRequest& WithTransitiveTagKeys(const Aws::Vector<Aws::String>& value) { SetTransitiveTagKeys(value); return *this;}
inline AssumeRoleRequest& WithTransitiveTagKeys(Aws::Vector<Aws::String>&& value) { SetTransitiveTagKeys(std::move(value)); return *this;}
inline AssumeRoleRequest& AddTransitiveTagKeys(const Aws::String& value) { m_transitiveTagKeysHasBeenSet = true; m_transitiveTagKeys.push_back(value); return *this; }
inline AssumeRoleRequest& AddTransitiveTagKeys(Aws::String&& value) { m_transitiveTagKeysHasBeenSet = true; m_transitiveTagKeys.push_back(std::move(value)); return *this; }
inline AssumeRoleRequest& AddTransitiveTagKeys(const char* value) { m_transitiveTagKeysHasBeenSet = true; m_transitiveTagKeys.push_back(value); return *this; }
///@}
///@{
/**
* <p>A unique identifier that might be required when you assume a role in another
* account. If the administrator of the account to which the role belongs provided
* you with an external ID, then provide that value in the <code>ExternalId</code>
* parameter. This value can be any string, such as a passphrase or account number.
* A cross-account role is usually set up to trust everyone in an account.
* Therefore, the administrator of the trusting account might send an external ID
* to the administrator of the trusted account. That way, only someone with the ID
* can assume the role, rather than everyone in the account. For more information
* about the external ID, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html">How
* to Use an External ID When Granting Access to Your Amazon Web Services Resources
* to a Third Party</a> in the <i>IAM User Guide</i>.</p> <p>The regex used to
* validate this parameter is a string of characters consisting of upper- and
* lower-case alphanumeric characters with no spaces. You can also include
* underscores or any of the following characters: =,.@:/-</p>
*/
inline const Aws::String& GetExternalId() const{ return m_externalId; }
inline bool ExternalIdHasBeenSet() const { return m_externalIdHasBeenSet; }
inline void SetExternalId(const Aws::String& value) { m_externalIdHasBeenSet = true; m_externalId = value; }
inline void SetExternalId(Aws::String&& value) { m_externalIdHasBeenSet = true; m_externalId = std::move(value); }
inline void SetExternalId(const char* value) { m_externalIdHasBeenSet = true; m_externalId.assign(value); }
inline AssumeRoleRequest& WithExternalId(const Aws::String& value) { SetExternalId(value); return *this;}
inline AssumeRoleRequest& WithExternalId(Aws::String&& value) { SetExternalId(std::move(value)); return *this;}
inline AssumeRoleRequest& WithExternalId(const char* value) { SetExternalId(value); return *this;}
///@}
///@{
/**
* <p>The identification number of the MFA device that is associated with the user
* who is making the <code>AssumeRole</code> call. Specify this value if the trust
* policy of the role being assumed includes a condition that requires MFA
* authentication. The value is either the serial number for a hardware device
* (such as <code>GAHT12345678</code>) or an Amazon Resource Name (ARN) for a
* virtual device (such as <code>arn:aws:iam::123456789012:mfa/user</code>).</p>
* <p>The regex used to validate this parameter is a string of characters
* consisting of upper- and lower-case alphanumeric characters with no spaces. You
* can also include underscores or any of the following characters: =,.@-</p>
*/
inline const Aws::String& GetSerialNumber() const{ return m_serialNumber; }
inline bool SerialNumberHasBeenSet() const { return m_serialNumberHasBeenSet; }
inline void SetSerialNumber(const Aws::String& value) { m_serialNumberHasBeenSet = true; m_serialNumber = value; }
inline void SetSerialNumber(Aws::String&& value) { m_serialNumberHasBeenSet = true; m_serialNumber = std::move(value); }
inline void SetSerialNumber(const char* value) { m_serialNumberHasBeenSet = true; m_serialNumber.assign(value); }
inline AssumeRoleRequest& WithSerialNumber(const Aws::String& value) { SetSerialNumber(value); return *this;}
inline AssumeRoleRequest& WithSerialNumber(Aws::String&& value) { SetSerialNumber(std::move(value)); return *this;}
inline AssumeRoleRequest& WithSerialNumber(const char* value) { SetSerialNumber(value); return *this;}
///@}
///@{
/**
* <p>The value provided by the MFA device, if the trust policy of the role being
* assumed requires MFA. (In other words, if the policy includes a condition that
* tests for MFA). If the role being assumed requires MFA and if the
* <code>TokenCode</code> value is missing or expired, the <code>AssumeRole</code>
* call returns an "access denied" error.</p> <p>The format for this parameter, as
* described by its regex pattern, is a sequence of six numeric digits.</p>
*/
inline const Aws::String& GetTokenCode() const{ return m_tokenCode; }
inline bool TokenCodeHasBeenSet() const { return m_tokenCodeHasBeenSet; }
inline void SetTokenCode(const Aws::String& value) { m_tokenCodeHasBeenSet = true; m_tokenCode = value; }
inline void SetTokenCode(Aws::String&& value) { m_tokenCodeHasBeenSet = true; m_tokenCode = std::move(value); }
inline void SetTokenCode(const char* value) { m_tokenCodeHasBeenSet = true; m_tokenCode.assign(value); }
inline AssumeRoleRequest& WithTokenCode(const Aws::String& value) { SetTokenCode(value); return *this;}
inline AssumeRoleRequest& WithTokenCode(Aws::String&& value) { SetTokenCode(std::move(value)); return *this;}
inline AssumeRoleRequest& WithTokenCode(const char* value) { SetTokenCode(value); return *this;}
///@}
///@{
/**
* <p>The source identity specified by the principal that is calling the
* <code>AssumeRole</code> operation.</p> <p>You can require users to specify a
* source identity when they assume a role. You do this by using the
* <code>sts:SourceIdentity</code> condition key in a role trust policy. You can
* use source identity information in CloudTrail logs to determine who took actions
* with a role. You can use the <code>aws:SourceIdentity</code> condition key to
* further control access to Amazon Web Services resources based on the value of
* source identity. For more information about using source identity, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html">Monitor
* and control actions taken with assumed roles</a> in the <i>IAM User
* Guide</i>.</p> <p>The regex used to validate this parameter is a string of
* characters consisting of upper- and lower-case alphanumeric characters with no
* spaces. You can also include underscores or any of the following characters:
* =,.@-. You cannot use a value that begins with the text <code>aws:</code>. This
* prefix is reserved for Amazon Web Services internal use.</p>
*/
inline const Aws::String& GetSourceIdentity() const{ return m_sourceIdentity; }
inline bool SourceIdentityHasBeenSet() const { return m_sourceIdentityHasBeenSet; }
inline void SetSourceIdentity(const Aws::String& value) { m_sourceIdentityHasBeenSet = true; m_sourceIdentity = value; }
inline void SetSourceIdentity(Aws::String&& value) { m_sourceIdentityHasBeenSet = true; m_sourceIdentity = std::move(value); }
inline void SetSourceIdentity(const char* value) { m_sourceIdentityHasBeenSet = true; m_sourceIdentity.assign(value); }
inline AssumeRoleRequest& WithSourceIdentity(const Aws::String& value) { SetSourceIdentity(value); return *this;}
inline AssumeRoleRequest& WithSourceIdentity(Aws::String&& value) { SetSourceIdentity(std::move(value)); return *this;}
inline AssumeRoleRequest& WithSourceIdentity(const char* value) { SetSourceIdentity(value); return *this;}
///@}
///@{
/**
* <p>A list of previously acquired trusted context assertions in the format of a
* JSON array. The trusted context assertion is signed and encrypted by Amazon Web
* Services STS.</p> <p>The following is an example of a
* <code>ProvidedContext</code> value that includes a single trusted context
* assertion and the ARN of the context provider from which the trusted context
* assertion was generated.</p> <p>
* <code>[{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}]</code>
* </p>
*/
inline const Aws::Vector<ProvidedContext>& GetProvidedContexts() const{ return m_providedContexts; }
inline bool ProvidedContextsHasBeenSet() const { return m_providedContextsHasBeenSet; }
inline void SetProvidedContexts(const Aws::Vector<ProvidedContext>& value) { m_providedContextsHasBeenSet = true; m_providedContexts = value; }
inline void SetProvidedContexts(Aws::Vector<ProvidedContext>&& value) { m_providedContextsHasBeenSet = true; m_providedContexts = std::move(value); }
inline AssumeRoleRequest& WithProvidedContexts(const Aws::Vector<ProvidedContext>& value) { SetProvidedContexts(value); return *this;}
inline AssumeRoleRequest& WithProvidedContexts(Aws::Vector<ProvidedContext>&& value) { SetProvidedContexts(std::move(value)); return *this;}
inline AssumeRoleRequest& AddProvidedContexts(const ProvidedContext& value) { m_providedContextsHasBeenSet = true; m_providedContexts.push_back(value); return *this; }
inline AssumeRoleRequest& AddProvidedContexts(ProvidedContext&& value) { m_providedContextsHasBeenSet = true; m_providedContexts.push_back(std::move(value)); return *this; }
///@}
private:
Aws::String m_roleArn;
bool m_roleArnHasBeenSet = false;
Aws::String m_roleSessionName;
bool m_roleSessionNameHasBeenSet = false;
Aws::Vector<PolicyDescriptorType> m_policyArns;
bool m_policyArnsHasBeenSet = false;
Aws::String m_policy;
bool m_policyHasBeenSet = false;
int m_durationSeconds;
bool m_durationSecondsHasBeenSet = false;
Aws::Vector<Tag> m_tags;
bool m_tagsHasBeenSet = false;
Aws::Vector<Aws::String> m_transitiveTagKeys;
bool m_transitiveTagKeysHasBeenSet = false;
Aws::String m_externalId;
bool m_externalIdHasBeenSet = false;
Aws::String m_serialNumber;
bool m_serialNumberHasBeenSet = false;
Aws::String m_tokenCode;
bool m_tokenCodeHasBeenSet = false;
Aws::String m_sourceIdentity;
bool m_sourceIdentityHasBeenSet = false;
Aws::Vector<ProvidedContext> m_providedContexts;
bool m_providedContextsHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

136
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumeRoleResult.h Normal file
View File

@@ -0,0 +1,136 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/model/Credentials.h>
#include <aws/sts/model/AssumedRoleUser.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains the response to a successful <a>AssumeRole</a> request, including
* temporary Amazon Web Services credentials that can be used to make Amazon Web
* Services requests. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleResponse">AWS
* API Reference</a></p>
*/
class AssumeRoleResult
{
public:
AWS_STS_API AssumeRoleResult();
AWS_STS_API AssumeRoleResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API AssumeRoleResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The temporary security credentials, which include an access key ID, a secret
* access key, and a security (or session) token.</p> <p>The size of the
* security token that STS API operations return is not fixed. We strongly
* recommend that you make no assumptions about the maximum size.</p>
*/
inline const Credentials& GetCredentials() const{ return m_credentials; }
inline void SetCredentials(const Credentials& value) { m_credentials = value; }
inline void SetCredentials(Credentials&& value) { m_credentials = std::move(value); }
inline AssumeRoleResult& WithCredentials(const Credentials& value) { SetCredentials(value); return *this;}
inline AssumeRoleResult& WithCredentials(Credentials&& value) { SetCredentials(std::move(value)); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers
* that you can use to refer to the resulting temporary security credentials. For
* example, you can reference these credentials as a principal in a resource-based
* policy by using the ARN or assumed role ID. The ARN and ID include the
* <code>RoleSessionName</code> that you specified when you called
* <code>AssumeRole</code>. </p>
*/
inline const AssumedRoleUser& GetAssumedRoleUser() const{ return m_assumedRoleUser; }
inline void SetAssumedRoleUser(const AssumedRoleUser& value) { m_assumedRoleUser = value; }
inline void SetAssumedRoleUser(AssumedRoleUser&& value) { m_assumedRoleUser = std::move(value); }
inline AssumeRoleResult& WithAssumedRoleUser(const AssumedRoleUser& value) { SetAssumedRoleUser(value); return *this;}
inline AssumeRoleResult& WithAssumedRoleUser(AssumedRoleUser&& value) { SetAssumedRoleUser(std::move(value)); return *this;}
///@}
///@{
/**
* <p>A percentage value that indicates the packed size of the session policies and
* session tags combined passed in the request. The request fails if the packed
* size is greater than 100 percent, which means the policies and tags exceeded the
* allowed space.</p>
*/
inline int GetPackedPolicySize() const{ return m_packedPolicySize; }
inline void SetPackedPolicySize(int value) { m_packedPolicySize = value; }
inline AssumeRoleResult& WithPackedPolicySize(int value) { SetPackedPolicySize(value); return *this;}
///@}
///@{
/**
* <p>The source identity specified by the principal that is calling the
* <code>AssumeRole</code> operation.</p> <p>You can require users to specify a
* source identity when they assume a role. You do this by using the
* <code>sts:SourceIdentity</code> condition key in a role trust policy. You can
* use source identity information in CloudTrail logs to determine who took actions
* with a role. You can use the <code>aws:SourceIdentity</code> condition key to
* further control access to Amazon Web Services resources based on the value of
* source identity. For more information about using source identity, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html">Monitor
* and control actions taken with assumed roles</a> in the <i>IAM User
* Guide</i>.</p> <p>The regex used to validate this parameter is a string of
* characters consisting of upper- and lower-case alphanumeric characters with no
* spaces. You can also include underscores or any of the following characters:
* =,.@-</p>
*/
inline const Aws::String& GetSourceIdentity() const{ return m_sourceIdentity; }
inline void SetSourceIdentity(const Aws::String& value) { m_sourceIdentity = value; }
inline void SetSourceIdentity(Aws::String&& value) { m_sourceIdentity = std::move(value); }
inline void SetSourceIdentity(const char* value) { m_sourceIdentity.assign(value); }
inline AssumeRoleResult& WithSourceIdentity(const Aws::String& value) { SetSourceIdentity(value); return *this;}
inline AssumeRoleResult& WithSourceIdentity(Aws::String&& value) { SetSourceIdentity(std::move(value)); return *this;}
inline AssumeRoleResult& WithSourceIdentity(const char* value) { SetSourceIdentity(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline AssumeRoleResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline AssumeRoleResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Credentials m_credentials;
AssumedRoleUser m_assumedRoleUser;
int m_packedPolicySize;
Aws::String m_sourceIdentity;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

209
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumeRoleWithSAMLRequest.h Normal file
View File

@@ -0,0 +1,209 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/sts/model/PolicyDescriptorType.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class AssumeRoleWithSAMLRequest : public STSRequest
{
public:
AWS_STS_API AssumeRoleWithSAMLRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "AssumeRoleWithSAML"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
inline const Aws::String& GetRoleArn() const{ return m_roleArn; }
inline bool RoleArnHasBeenSet() const { return m_roleArnHasBeenSet; }
inline void SetRoleArn(const Aws::String& value) { m_roleArnHasBeenSet = true; m_roleArn = value; }
inline void SetRoleArn(Aws::String&& value) { m_roleArnHasBeenSet = true; m_roleArn = std::move(value); }
inline void SetRoleArn(const char* value) { m_roleArnHasBeenSet = true; m_roleArn.assign(value); }
inline AssumeRoleWithSAMLRequest& WithRoleArn(const Aws::String& value) { SetRoleArn(value); return *this;}
inline AssumeRoleWithSAMLRequest& WithRoleArn(Aws::String&& value) { SetRoleArn(std::move(value)); return *this;}
inline AssumeRoleWithSAMLRequest& WithRoleArn(const char* value) { SetRoleArn(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the
* IdP.</p>
*/
inline const Aws::String& GetPrincipalArn() const{ return m_principalArn; }
inline bool PrincipalArnHasBeenSet() const { return m_principalArnHasBeenSet; }
inline void SetPrincipalArn(const Aws::String& value) { m_principalArnHasBeenSet = true; m_principalArn = value; }
inline void SetPrincipalArn(Aws::String&& value) { m_principalArnHasBeenSet = true; m_principalArn = std::move(value); }
inline void SetPrincipalArn(const char* value) { m_principalArnHasBeenSet = true; m_principalArn.assign(value); }
inline AssumeRoleWithSAMLRequest& WithPrincipalArn(const Aws::String& value) { SetPrincipalArn(value); return *this;}
inline AssumeRoleWithSAMLRequest& WithPrincipalArn(Aws::String&& value) { SetPrincipalArn(std::move(value)); return *this;}
inline AssumeRoleWithSAMLRequest& WithPrincipalArn(const char* value) { SetPrincipalArn(value); return *this;}
///@}
///@{
/**
* <p>The base64 encoded SAML authentication response provided by the IdP.</p>
* <p>For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html">Configuring
* a Relying Party and Adding Claims</a> in the <i>IAM User Guide</i>. </p>
*/
inline const Aws::String& GetSAMLAssertion() const{ return m_sAMLAssertion; }
inline bool SAMLAssertionHasBeenSet() const { return m_sAMLAssertionHasBeenSet; }
inline void SetSAMLAssertion(const Aws::String& value) { m_sAMLAssertionHasBeenSet = true; m_sAMLAssertion = value; }
inline void SetSAMLAssertion(Aws::String&& value) { m_sAMLAssertionHasBeenSet = true; m_sAMLAssertion = std::move(value); }
inline void SetSAMLAssertion(const char* value) { m_sAMLAssertionHasBeenSet = true; m_sAMLAssertion.assign(value); }
inline AssumeRoleWithSAMLRequest& WithSAMLAssertion(const Aws::String& value) { SetSAMLAssertion(value); return *this;}
inline AssumeRoleWithSAMLRequest& WithSAMLAssertion(Aws::String&& value) { SetSAMLAssertion(std::move(value)); return *this;}
inline AssumeRoleWithSAMLRequest& WithSAMLAssertion(const char* value) { SetSAMLAssertion(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as managed session policies. The policies must exist in the same account as
* the role.</p> <p>This parameter is optional. You can provide up to 10 managed
* policy ARNs. However, the plaintext that you use for both inline and managed
* session policies can't exceed 2,048 characters. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>An Amazon Web Services
* conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request
* can fail for this limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
* <p>Passing policies to this operation returns new temporary credentials. The
* resulting session's permissions are the intersection of the role's
* identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in
* the account that owns the role. You cannot use session policies to grant more
* permissions than those allowed by the identity-based policy of the role that is
* being assumed. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::Vector<PolicyDescriptorType>& GetPolicyArns() const{ return m_policyArns; }
inline bool PolicyArnsHasBeenSet() const { return m_policyArnsHasBeenSet; }
inline void SetPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { m_policyArnsHasBeenSet = true; m_policyArns = value; }
inline void SetPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { m_policyArnsHasBeenSet = true; m_policyArns = std::move(value); }
inline AssumeRoleWithSAMLRequest& WithPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { SetPolicyArns(value); return *this;}
inline AssumeRoleWithSAMLRequest& WithPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { SetPolicyArns(std::move(value)); return *this;}
inline AssumeRoleWithSAMLRequest& AddPolicyArns(const PolicyDescriptorType& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(value); return *this; }
inline AssumeRoleWithSAMLRequest& AddPolicyArns(PolicyDescriptorType&& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(std::move(value)); return *this; }
///@}
///@{
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>This parameter is optional. Passing policies to this operation
* returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You
* can use the role's temporary credentials in subsequent Amazon Web Services API
* calls to access resources in the account that owns the role. You cannot use
* session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information,
* see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>. </p> <p>The plaintext that you use
* for both inline and managed session policies can't exceed 2,048 characters. The
* JSON policy characters can be any ASCII character from the space character to
* the end of the valid character list (\u0020 through \u00FF). It can also include
* the tab (\u0009), linefeed (\u000A), and carriage return (\u000D)
* characters.</p> <p>An Amazon Web Services conversion compresses the
* passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline const Aws::String& GetPolicy() const{ return m_policy; }
inline bool PolicyHasBeenSet() const { return m_policyHasBeenSet; }
inline void SetPolicy(const Aws::String& value) { m_policyHasBeenSet = true; m_policy = value; }
inline void SetPolicy(Aws::String&& value) { m_policyHasBeenSet = true; m_policy = std::move(value); }
inline void SetPolicy(const char* value) { m_policyHasBeenSet = true; m_policy.assign(value); }
inline AssumeRoleWithSAMLRequest& WithPolicy(const Aws::String& value) { SetPolicy(value); return *this;}
inline AssumeRoleWithSAMLRequest& WithPolicy(Aws::String&& value) { SetPolicy(std::move(value)); return *this;}
inline AssumeRoleWithSAMLRequest& WithPolicy(const char* value) { SetPolicy(value); return *this;}
///@}
///@{
/**
* <p>The duration, in seconds, of the role session. Your role session lasts for
* the duration that you specify for the <code>DurationSeconds</code> parameter, or
* until the time specified in the SAML authentication response's
* <code>SessionNotOnOrAfter</code> value, whichever is shorter. You can provide a
* <code>DurationSeconds</code> value from 900 seconds (15 minutes) up to the
* maximum session duration setting for the role. This setting can have a value
* from 1 hour to 12 hours. If you specify a value higher than this setting, the
* operation fails. For example, if you specify a session duration of 12 hours, but
* your administrator set the maximum session duration to 6 hours, your operation
* fails. To learn how to view the maximum value for your role, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View
* the Maximum Session Duration Setting for a Role</a> in the <i>IAM User
* Guide</i>.</p> <p>By default, the value is set to <code>3600</code> seconds.
* </p> <p>The <code>DurationSeconds</code> parameter is separate from the
* duration of a console session that you might request using the returned
* credentials. The request to the federation endpoint for a console sign-in token
* takes a <code>SessionDuration</code> parameter that specifies the maximum length
* of the console session. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating
* a URL that Enables Federated Users to Access the Amazon Web Services Management
* Console</a> in the <i>IAM User Guide</i>.</p>
*/
inline int GetDurationSeconds() const{ return m_durationSeconds; }
inline bool DurationSecondsHasBeenSet() const { return m_durationSecondsHasBeenSet; }
inline void SetDurationSeconds(int value) { m_durationSecondsHasBeenSet = true; m_durationSeconds = value; }
inline AssumeRoleWithSAMLRequest& WithDurationSeconds(int value) { SetDurationSeconds(value); return *this;}
///@}
private:
Aws::String m_roleArn;
bool m_roleArnHasBeenSet = false;
Aws::String m_principalArn;
bool m_principalArnHasBeenSet = false;
Aws::String m_sAMLAssertion;
bool m_sAMLAssertionHasBeenSet = false;
Aws::Vector<PolicyDescriptorType> m_policyArns;
bool m_policyArnsHasBeenSet = false;
Aws::String m_policy;
bool m_policyHasBeenSet = false;
int m_durationSeconds;
bool m_durationSecondsHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

228
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumeRoleWithSAMLResult.h Normal file
View File

@@ -0,0 +1,228 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/model/Credentials.h>
#include <aws/sts/model/AssumedRoleUser.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains the response to a successful <a>AssumeRoleWithSAML</a> request,
* including temporary Amazon Web Services credentials that can be used to make
* Amazon Web Services requests. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAMLResponse">AWS
* API Reference</a></p>
*/
class AssumeRoleWithSAMLResult
{
public:
AWS_STS_API AssumeRoleWithSAMLResult();
AWS_STS_API AssumeRoleWithSAMLResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API AssumeRoleWithSAMLResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The temporary security credentials, which include an access key ID, a secret
* access key, and a security (or session) token.</p> <p>The size of the
* security token that STS API operations return is not fixed. We strongly
* recommend that you make no assumptions about the maximum size.</p>
*/
inline const Credentials& GetCredentials() const{ return m_credentials; }
inline void SetCredentials(const Credentials& value) { m_credentials = value; }
inline void SetCredentials(Credentials&& value) { m_credentials = std::move(value); }
inline AssumeRoleWithSAMLResult& WithCredentials(const Credentials& value) { SetCredentials(value); return *this;}
inline AssumeRoleWithSAMLResult& WithCredentials(Credentials&& value) { SetCredentials(std::move(value)); return *this;}
///@}
///@{
/**
* <p>The identifiers for the temporary security credentials that the operation
* returns.</p>
*/
inline const AssumedRoleUser& GetAssumedRoleUser() const{ return m_assumedRoleUser; }
inline void SetAssumedRoleUser(const AssumedRoleUser& value) { m_assumedRoleUser = value; }
inline void SetAssumedRoleUser(AssumedRoleUser&& value) { m_assumedRoleUser = std::move(value); }
inline AssumeRoleWithSAMLResult& WithAssumedRoleUser(const AssumedRoleUser& value) { SetAssumedRoleUser(value); return *this;}
inline AssumeRoleWithSAMLResult& WithAssumedRoleUser(AssumedRoleUser&& value) { SetAssumedRoleUser(std::move(value)); return *this;}
///@}
///@{
/**
* <p>A percentage value that indicates the packed size of the session policies and
* session tags combined passed in the request. The request fails if the packed
* size is greater than 100 percent, which means the policies and tags exceeded the
* allowed space.</p>
*/
inline int GetPackedPolicySize() const{ return m_packedPolicySize; }
inline void SetPackedPolicySize(int value) { m_packedPolicySize = value; }
inline AssumeRoleWithSAMLResult& WithPackedPolicySize(int value) { SetPackedPolicySize(value); return *this;}
///@}
///@{
/**
* <p>The value of the <code>NameID</code> element in the <code>Subject</code>
* element of the SAML assertion.</p>
*/
inline const Aws::String& GetSubject() const{ return m_subject; }
inline void SetSubject(const Aws::String& value) { m_subject = value; }
inline void SetSubject(Aws::String&& value) { m_subject = std::move(value); }
inline void SetSubject(const char* value) { m_subject.assign(value); }
inline AssumeRoleWithSAMLResult& WithSubject(const Aws::String& value) { SetSubject(value); return *this;}
inline AssumeRoleWithSAMLResult& WithSubject(Aws::String&& value) { SetSubject(std::move(value)); return *this;}
inline AssumeRoleWithSAMLResult& WithSubject(const char* value) { SetSubject(value); return *this;}
///@}
///@{
/**
* <p> The format of the name ID, as defined by the <code>Format</code> attribute
* in the <code>NameID</code> element of the SAML assertion. Typical examples of
* the format are <code>transient</code> or <code>persistent</code>. </p> <p> If
* the format includes the prefix
* <code>urn:oasis:names:tc:SAML:2.0:nameid-format</code>, that prefix is removed.
* For example, <code>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</code> is
* returned as <code>transient</code>. If the format includes any other prefix, the
* format is returned with no modifications.</p>
*/
inline const Aws::String& GetSubjectType() const{ return m_subjectType; }
inline void SetSubjectType(const Aws::String& value) { m_subjectType = value; }
inline void SetSubjectType(Aws::String&& value) { m_subjectType = std::move(value); }
inline void SetSubjectType(const char* value) { m_subjectType.assign(value); }
inline AssumeRoleWithSAMLResult& WithSubjectType(const Aws::String& value) { SetSubjectType(value); return *this;}
inline AssumeRoleWithSAMLResult& WithSubjectType(Aws::String&& value) { SetSubjectType(std::move(value)); return *this;}
inline AssumeRoleWithSAMLResult& WithSubjectType(const char* value) { SetSubjectType(value); return *this;}
///@}
///@{
/**
* <p>The value of the <code>Issuer</code> element of the SAML assertion.</p>
*/
inline const Aws::String& GetIssuer() const{ return m_issuer; }
inline void SetIssuer(const Aws::String& value) { m_issuer = value; }
inline void SetIssuer(Aws::String&& value) { m_issuer = std::move(value); }
inline void SetIssuer(const char* value) { m_issuer.assign(value); }
inline AssumeRoleWithSAMLResult& WithIssuer(const Aws::String& value) { SetIssuer(value); return *this;}
inline AssumeRoleWithSAMLResult& WithIssuer(Aws::String&& value) { SetIssuer(std::move(value)); return *this;}
inline AssumeRoleWithSAMLResult& WithIssuer(const char* value) { SetIssuer(value); return *this;}
///@}
///@{
/**
* <p> The value of the <code>Recipient</code> attribute of the
* <code>SubjectConfirmationData</code> element of the SAML assertion. </p>
*/
inline const Aws::String& GetAudience() const{ return m_audience; }
inline void SetAudience(const Aws::String& value) { m_audience = value; }
inline void SetAudience(Aws::String&& value) { m_audience = std::move(value); }
inline void SetAudience(const char* value) { m_audience.assign(value); }
inline AssumeRoleWithSAMLResult& WithAudience(const Aws::String& value) { SetAudience(value); return *this;}
inline AssumeRoleWithSAMLResult& WithAudience(Aws::String&& value) { SetAudience(std::move(value)); return *this;}
inline AssumeRoleWithSAMLResult& WithAudience(const char* value) { SetAudience(value); return *this;}
///@}
///@{
/**
* <p>A hash value based on the concatenation of the following:</p> <ul> <li>
* <p>The <code>Issuer</code> response value.</p> </li> <li> <p>The Amazon Web
* Services account ID.</p> </li> <li> <p>The friendly name (the last part of the
* ARN) of the SAML provider in IAM.</p> </li> </ul> <p>The combination of
* <code>NameQualifier</code> and <code>Subject</code> can be used to uniquely
* identify a user.</p> <p>The following pseudocode shows how the hash value is
* calculated:</p> <p> <code>BASE64 ( SHA1 ( "https://example.com/saml" +
* "123456789012" + "/MySAMLIdP" ) )</code> </p>
*/
inline const Aws::String& GetNameQualifier() const{ return m_nameQualifier; }
inline void SetNameQualifier(const Aws::String& value) { m_nameQualifier = value; }
inline void SetNameQualifier(Aws::String&& value) { m_nameQualifier = std::move(value); }
inline void SetNameQualifier(const char* value) { m_nameQualifier.assign(value); }
inline AssumeRoleWithSAMLResult& WithNameQualifier(const Aws::String& value) { SetNameQualifier(value); return *this;}
inline AssumeRoleWithSAMLResult& WithNameQualifier(Aws::String&& value) { SetNameQualifier(std::move(value)); return *this;}
inline AssumeRoleWithSAMLResult& WithNameQualifier(const char* value) { SetNameQualifier(value); return *this;}
///@}
///@{
/**
* <p>The value in the <code>SourceIdentity</code> attribute in the SAML assertion.
* </p> <p>You can require users to set a source identity value when they assume a
* role. You do this by using the <code>sts:SourceIdentity</code> condition key in
* a role trust policy. That way, actions that are taken with the role are
* associated with that user. After the source identity is set, the value cannot be
* changed. It is present in the request for all actions that are taken by the role
* and persists across <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining">chained
* role</a> sessions. You can configure your SAML identity provider to use an
* attribute associated with your users, like user name or email, as the source
* identity when calling <code>AssumeRoleWithSAML</code>. You do this by adding an
* attribute to the SAML assertion. For more information about using source
* identity, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html">Monitor
* and control actions taken with assumed roles</a> in the <i>IAM User
* Guide</i>.</p> <p>The regex used to validate this parameter is a string of
* characters consisting of upper- and lower-case alphanumeric characters with no
* spaces. You can also include underscores or any of the following characters:
* =,.@-</p>
*/
inline const Aws::String& GetSourceIdentity() const{ return m_sourceIdentity; }
inline void SetSourceIdentity(const Aws::String& value) { m_sourceIdentity = value; }
inline void SetSourceIdentity(Aws::String&& value) { m_sourceIdentity = std::move(value); }
inline void SetSourceIdentity(const char* value) { m_sourceIdentity.assign(value); }
inline AssumeRoleWithSAMLResult& WithSourceIdentity(const Aws::String& value) { SetSourceIdentity(value); return *this;}
inline AssumeRoleWithSAMLResult& WithSourceIdentity(Aws::String&& value) { SetSourceIdentity(std::move(value)); return *this;}
inline AssumeRoleWithSAMLResult& WithSourceIdentity(const char* value) { SetSourceIdentity(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline AssumeRoleWithSAMLResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline AssumeRoleWithSAMLResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Credentials m_credentials;
AssumedRoleUser m_assumedRoleUser;
int m_packedPolicySize;
Aws::String m_subject;
Aws::String m_subjectType;
Aws::String m_issuer;
Aws::String m_audience;
Aws::String m_nameQualifier;
Aws::String m_sourceIdentity;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

235
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumeRoleWithWebIdentityRequest.h Normal file
View File

@@ -0,0 +1,235 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/sts/model/PolicyDescriptorType.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class AssumeRoleWithWebIdentityRequest : public STSRequest
{
public:
AWS_STS_API AssumeRoleWithWebIdentityRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "AssumeRoleWithWebIdentity"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The Amazon Resource Name (ARN) of the role that the caller is assuming.</p>
*/
inline const Aws::String& GetRoleArn() const{ return m_roleArn; }
inline bool RoleArnHasBeenSet() const { return m_roleArnHasBeenSet; }
inline void SetRoleArn(const Aws::String& value) { m_roleArnHasBeenSet = true; m_roleArn = value; }
inline void SetRoleArn(Aws::String&& value) { m_roleArnHasBeenSet = true; m_roleArn = std::move(value); }
inline void SetRoleArn(const char* value) { m_roleArnHasBeenSet = true; m_roleArn.assign(value); }
inline AssumeRoleWithWebIdentityRequest& WithRoleArn(const Aws::String& value) { SetRoleArn(value); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithRoleArn(Aws::String&& value) { SetRoleArn(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithRoleArn(const char* value) { SetRoleArn(value); return *this;}
///@}
///@{
/**
* <p>An identifier for the assumed role session. Typically, you pass the name or
* identifier that is associated with the user who is using your application. That
* way, the temporary security credentials that your application will use are
* associated with that user. This session name is included as part of the ARN and
* assumed role ID in the <code>AssumedRoleUser</code> response element.</p> <p>The
* regex used to validate this parameter is a string of characters consisting of
* upper- and lower-case alphanumeric characters with no spaces. You can also
* include underscores or any of the following characters: =,.@-</p>
*/
inline const Aws::String& GetRoleSessionName() const{ return m_roleSessionName; }
inline bool RoleSessionNameHasBeenSet() const { return m_roleSessionNameHasBeenSet; }
inline void SetRoleSessionName(const Aws::String& value) { m_roleSessionNameHasBeenSet = true; m_roleSessionName = value; }
inline void SetRoleSessionName(Aws::String&& value) { m_roleSessionNameHasBeenSet = true; m_roleSessionName = std::move(value); }
inline void SetRoleSessionName(const char* value) { m_roleSessionNameHasBeenSet = true; m_roleSessionName.assign(value); }
inline AssumeRoleWithWebIdentityRequest& WithRoleSessionName(const Aws::String& value) { SetRoleSessionName(value); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithRoleSessionName(Aws::String&& value) { SetRoleSessionName(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithRoleSessionName(const char* value) { SetRoleSessionName(value); return *this;}
///@}
///@{
/**
* <p>The OAuth 2.0 access token or OpenID Connect ID token that is provided by the
* identity provider. Your application must get this token by authenticating the
* user who is using your application with a web identity provider before the
* application makes an <code>AssumeRoleWithWebIdentity</code> call. Only tokens
* with RSA algorithms (RS256) are supported.</p>
*/
inline const Aws::String& GetWebIdentityToken() const{ return m_webIdentityToken; }
inline bool WebIdentityTokenHasBeenSet() const { return m_webIdentityTokenHasBeenSet; }
inline void SetWebIdentityToken(const Aws::String& value) { m_webIdentityTokenHasBeenSet = true; m_webIdentityToken = value; }
inline void SetWebIdentityToken(Aws::String&& value) { m_webIdentityTokenHasBeenSet = true; m_webIdentityToken = std::move(value); }
inline void SetWebIdentityToken(const char* value) { m_webIdentityTokenHasBeenSet = true; m_webIdentityToken.assign(value); }
inline AssumeRoleWithWebIdentityRequest& WithWebIdentityToken(const Aws::String& value) { SetWebIdentityToken(value); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithWebIdentityToken(Aws::String&& value) { SetWebIdentityToken(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithWebIdentityToken(const char* value) { SetWebIdentityToken(value); return *this;}
///@}
///@{
/**
* <p>The fully qualified host component of the domain name of the OAuth 2.0
* identity provider. Do not specify this value for an OpenID Connect identity
* provider.</p> <p>Currently <code>www.amazon.com</code> and
* <code>graph.facebook.com</code> are the only supported identity providers for
* OAuth 2.0 access tokens. Do not include URL schemes and port numbers.</p> <p>Do
* not specify this value for OpenID Connect ID tokens.</p>
*/
inline const Aws::String& GetProviderId() const{ return m_providerId; }
inline bool ProviderIdHasBeenSet() const { return m_providerIdHasBeenSet; }
inline void SetProviderId(const Aws::String& value) { m_providerIdHasBeenSet = true; m_providerId = value; }
inline void SetProviderId(Aws::String&& value) { m_providerIdHasBeenSet = true; m_providerId = std::move(value); }
inline void SetProviderId(const char* value) { m_providerIdHasBeenSet = true; m_providerId.assign(value); }
inline AssumeRoleWithWebIdentityRequest& WithProviderId(const Aws::String& value) { SetProviderId(value); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithProviderId(Aws::String&& value) { SetProviderId(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithProviderId(const char* value) { SetProviderId(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as managed session policies. The policies must exist in the same account as
* the role.</p> <p>This parameter is optional. You can provide up to 10 managed
* policy ARNs. However, the plaintext that you use for both inline and managed
* session policies can't exceed 2,048 characters. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>An Amazon Web Services
* conversion compresses the passed inline session policy, managed policy ARNs, and
* session tags into a packed binary format that has a separate limit. Your request
* can fail for this limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
* <p>Passing policies to this operation returns new temporary credentials. The
* resulting session's permissions are the intersection of the role's
* identity-based policy and the session policies. You can use the role's temporary
* credentials in subsequent Amazon Web Services API calls to access resources in
* the account that owns the role. You cannot use session policies to grant more
* permissions than those allowed by the identity-based policy of the role that is
* being assumed. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::Vector<PolicyDescriptorType>& GetPolicyArns() const{ return m_policyArns; }
inline bool PolicyArnsHasBeenSet() const { return m_policyArnsHasBeenSet; }
inline void SetPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { m_policyArnsHasBeenSet = true; m_policyArns = value; }
inline void SetPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { m_policyArnsHasBeenSet = true; m_policyArns = std::move(value); }
inline AssumeRoleWithWebIdentityRequest& WithPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { SetPolicyArns(value); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { SetPolicyArns(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityRequest& AddPolicyArns(const PolicyDescriptorType& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(value); return *this; }
inline AssumeRoleWithWebIdentityRequest& AddPolicyArns(PolicyDescriptorType&& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(std::move(value)); return *this; }
///@}
///@{
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>This parameter is optional. Passing policies to this operation
* returns new temporary credentials. The resulting session's permissions are the
* intersection of the role's identity-based policy and the session policies. You
* can use the role's temporary credentials in subsequent Amazon Web Services API
* calls to access resources in the account that owns the role. You cannot use
* session policies to grant more permissions than those allowed by the
* identity-based policy of the role that is being assumed. For more information,
* see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The plaintext that you use for
* both inline and managed session policies can't exceed 2,048 characters. The JSON
* policy characters can be any ASCII character from the space character to the end
* of the valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline const Aws::String& GetPolicy() const{ return m_policy; }
inline bool PolicyHasBeenSet() const { return m_policyHasBeenSet; }
inline void SetPolicy(const Aws::String& value) { m_policyHasBeenSet = true; m_policy = value; }
inline void SetPolicy(Aws::String&& value) { m_policyHasBeenSet = true; m_policy = std::move(value); }
inline void SetPolicy(const char* value) { m_policyHasBeenSet = true; m_policy.assign(value); }
inline AssumeRoleWithWebIdentityRequest& WithPolicy(const Aws::String& value) { SetPolicy(value); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithPolicy(Aws::String&& value) { SetPolicy(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityRequest& WithPolicy(const char* value) { SetPolicy(value); return *this;}
///@}
///@{
/**
* <p>The duration, in seconds, of the role session. The value can range from 900
* seconds (15 minutes) up to the maximum session duration setting for the role.
* This setting can have a value from 1 hour to 12 hours. If you specify a value
* higher than this setting, the operation fails. For example, if you specify a
* session duration of 12 hours, but your administrator set the maximum session
* duration to 6 hours, your operation fails. To learn how to view the maximum
* value for your role, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session">View
* the Maximum Session Duration Setting for a Role</a> in the <i>IAM User
* Guide</i>.</p> <p>By default, the value is set to <code>3600</code> seconds.
* </p> <p>The <code>DurationSeconds</code> parameter is separate from the
* duration of a console session that you might request using the returned
* credentials. The request to the federation endpoint for a console sign-in token
* takes a <code>SessionDuration</code> parameter that specifies the maximum length
* of the console session. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html">Creating
* a URL that Enables Federated Users to Access the Amazon Web Services Management
* Console</a> in the <i>IAM User Guide</i>.</p>
*/
inline int GetDurationSeconds() const{ return m_durationSeconds; }
inline bool DurationSecondsHasBeenSet() const { return m_durationSecondsHasBeenSet; }
inline void SetDurationSeconds(int value) { m_durationSecondsHasBeenSet = true; m_durationSeconds = value; }
inline AssumeRoleWithWebIdentityRequest& WithDurationSeconds(int value) { SetDurationSeconds(value); return *this;}
///@}
private:
Aws::String m_roleArn;
bool m_roleArnHasBeenSet = false;
Aws::String m_roleSessionName;
bool m_roleSessionNameHasBeenSet = false;
Aws::String m_webIdentityToken;
bool m_webIdentityTokenHasBeenSet = false;
Aws::String m_providerId;
bool m_providerIdHasBeenSet = false;
Aws::Vector<PolicyDescriptorType> m_policyArns;
bool m_policyArnsHasBeenSet = false;
Aws::String m_policy;
bool m_policyHasBeenSet = false;
int m_durationSeconds;
bool m_durationSecondsHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

200
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumeRoleWithWebIdentityResult.h Normal file
View File

@@ -0,0 +1,200 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/model/Credentials.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/sts/model/AssumedRoleUser.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains the response to a successful <a>AssumeRoleWithWebIdentity</a>
* request, including temporary Amazon Web Services credentials that can be used to
* make Amazon Web Services requests. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentityResponse">AWS
* API Reference</a></p>
*/
class AssumeRoleWithWebIdentityResult
{
public:
AWS_STS_API AssumeRoleWithWebIdentityResult();
AWS_STS_API AssumeRoleWithWebIdentityResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API AssumeRoleWithWebIdentityResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The temporary security credentials, which include an access key ID, a secret
* access key, and a security token.</p> <p>The size of the security token
* that STS API operations return is not fixed. We strongly recommend that you make
* no assumptions about the maximum size.</p>
*/
inline const Credentials& GetCredentials() const{ return m_credentials; }
inline void SetCredentials(const Credentials& value) { m_credentials = value; }
inline void SetCredentials(Credentials&& value) { m_credentials = std::move(value); }
inline AssumeRoleWithWebIdentityResult& WithCredentials(const Credentials& value) { SetCredentials(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithCredentials(Credentials&& value) { SetCredentials(std::move(value)); return *this;}
///@}
///@{
/**
* <p>The unique user identifier that is returned by the identity provider. This
* identifier is associated with the <code>WebIdentityToken</code> that was
* submitted with the <code>AssumeRoleWithWebIdentity</code> call. The identifier
* is typically unique to the user and the application that acquired the
* <code>WebIdentityToken</code> (pairwise identifier). For OpenID Connect ID
* tokens, this field contains the value returned by the identity provider as the
* token's <code>sub</code> (Subject) claim. </p>
*/
inline const Aws::String& GetSubjectFromWebIdentityToken() const{ return m_subjectFromWebIdentityToken; }
inline void SetSubjectFromWebIdentityToken(const Aws::String& value) { m_subjectFromWebIdentityToken = value; }
inline void SetSubjectFromWebIdentityToken(Aws::String&& value) { m_subjectFromWebIdentityToken = std::move(value); }
inline void SetSubjectFromWebIdentityToken(const char* value) { m_subjectFromWebIdentityToken.assign(value); }
inline AssumeRoleWithWebIdentityResult& WithSubjectFromWebIdentityToken(const Aws::String& value) { SetSubjectFromWebIdentityToken(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithSubjectFromWebIdentityToken(Aws::String&& value) { SetSubjectFromWebIdentityToken(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityResult& WithSubjectFromWebIdentityToken(const char* value) { SetSubjectFromWebIdentityToken(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers
* that you can use to refer to the resulting temporary security credentials. For
* example, you can reference these credentials as a principal in a resource-based
* policy by using the ARN or assumed role ID. The ARN and ID include the
* <code>RoleSessionName</code> that you specified when you called
* <code>AssumeRole</code>. </p>
*/
inline const AssumedRoleUser& GetAssumedRoleUser() const{ return m_assumedRoleUser; }
inline void SetAssumedRoleUser(const AssumedRoleUser& value) { m_assumedRoleUser = value; }
inline void SetAssumedRoleUser(AssumedRoleUser&& value) { m_assumedRoleUser = std::move(value); }
inline AssumeRoleWithWebIdentityResult& WithAssumedRoleUser(const AssumedRoleUser& value) { SetAssumedRoleUser(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithAssumedRoleUser(AssumedRoleUser&& value) { SetAssumedRoleUser(std::move(value)); return *this;}
///@}
///@{
/**
* <p>A percentage value that indicates the packed size of the session policies and
* session tags combined passed in the request. The request fails if the packed
* size is greater than 100 percent, which means the policies and tags exceeded the
* allowed space.</p>
*/
inline int GetPackedPolicySize() const{ return m_packedPolicySize; }
inline void SetPackedPolicySize(int value) { m_packedPolicySize = value; }
inline AssumeRoleWithWebIdentityResult& WithPackedPolicySize(int value) { SetPackedPolicySize(value); return *this;}
///@}
///@{
/**
* <p> The issuing authority of the web identity token presented. For OpenID
* Connect ID tokens, this contains the value of the <code>iss</code> field. For
* OAuth 2.0 access tokens, this contains the value of the <code>ProviderId</code>
* parameter that was passed in the <code>AssumeRoleWithWebIdentity</code>
* request.</p>
*/
inline const Aws::String& GetProvider() const{ return m_provider; }
inline void SetProvider(const Aws::String& value) { m_provider = value; }
inline void SetProvider(Aws::String&& value) { m_provider = std::move(value); }
inline void SetProvider(const char* value) { m_provider.assign(value); }
inline AssumeRoleWithWebIdentityResult& WithProvider(const Aws::String& value) { SetProvider(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithProvider(Aws::String&& value) { SetProvider(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityResult& WithProvider(const char* value) { SetProvider(value); return *this;}
///@}
///@{
/**
* <p>The intended audience (also known as client ID) of the web identity token.
* This is traditionally the client identifier issued to the application that
* requested the web identity token.</p>
*/
inline const Aws::String& GetAudience() const{ return m_audience; }
inline void SetAudience(const Aws::String& value) { m_audience = value; }
inline void SetAudience(Aws::String&& value) { m_audience = std::move(value); }
inline void SetAudience(const char* value) { m_audience.assign(value); }
inline AssumeRoleWithWebIdentityResult& WithAudience(const Aws::String& value) { SetAudience(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithAudience(Aws::String&& value) { SetAudience(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityResult& WithAudience(const char* value) { SetAudience(value); return *this;}
///@}
///@{
/**
* <p>The value of the source identity that is returned in the JSON web token (JWT)
* from the identity provider.</p> <p>You can require users to set a source
* identity value when they assume a role. You do this by using the
* <code>sts:SourceIdentity</code> condition key in a role trust policy. That way,
* actions that are taken with the role are associated with that user. After the
* source identity is set, the value cannot be changed. It is present in the
* request for all actions that are taken by the role and persists across <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining">chained
* role</a> sessions. You can configure your identity provider to use an attribute
* associated with your users, like user name or email, as the source identity when
* calling <code>AssumeRoleWithWebIdentity</code>. You do this by adding a claim to
* the JSON web token. To learn more about OIDC tokens and claims, see <a
* href="https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html">Using
* Tokens with User Pools</a> in the <i>Amazon Cognito Developer Guide</i>. For
* more information about using source identity, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html">Monitor
* and control actions taken with assumed roles</a> in the <i>IAM User
* Guide</i>.</p> <p>The regex used to validate this parameter is a string of
* characters consisting of upper- and lower-case alphanumeric characters with no
* spaces. You can also include underscores or any of the following characters:
* =,.@-</p>
*/
inline const Aws::String& GetSourceIdentity() const{ return m_sourceIdentity; }
inline void SetSourceIdentity(const Aws::String& value) { m_sourceIdentity = value; }
inline void SetSourceIdentity(Aws::String&& value) { m_sourceIdentity = std::move(value); }
inline void SetSourceIdentity(const char* value) { m_sourceIdentity.assign(value); }
inline AssumeRoleWithWebIdentityResult& WithSourceIdentity(const Aws::String& value) { SetSourceIdentity(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithSourceIdentity(Aws::String&& value) { SetSourceIdentity(std::move(value)); return *this;}
inline AssumeRoleWithWebIdentityResult& WithSourceIdentity(const char* value) { SetSourceIdentity(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline AssumeRoleWithWebIdentityResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline AssumeRoleWithWebIdentityResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Credentials m_credentials;
Aws::String m_subjectFromWebIdentityToken;
AssumedRoleUser m_assumedRoleUser;
int m_packedPolicySize;
Aws::String m_provider;
Aws::String m_audience;
Aws::String m_sourceIdentity;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

87
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/AssumedRoleUser.h Normal file
View File

@@ -0,0 +1,87 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>The identifiers for the temporary security credentials that the operation
* returns.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumedRoleUser">AWS
* API Reference</a></p>
*/
class AssumedRoleUser
{
public:
AWS_STS_API AssumedRoleUser();
AWS_STS_API AssumedRoleUser(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API AssumedRoleUser& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
/**
* <p>A unique identifier that contains the role ID and the role session name of
* the role that is being assumed. The role ID is generated by Amazon Web Services
* when the role is created.</p>
*/
inline const Aws::String& GetAssumedRoleId() const{ return m_assumedRoleId; }
inline bool AssumedRoleIdHasBeenSet() const { return m_assumedRoleIdHasBeenSet; }
inline void SetAssumedRoleId(const Aws::String& value) { m_assumedRoleIdHasBeenSet = true; m_assumedRoleId = value; }
inline void SetAssumedRoleId(Aws::String&& value) { m_assumedRoleIdHasBeenSet = true; m_assumedRoleId = std::move(value); }
inline void SetAssumedRoleId(const char* value) { m_assumedRoleIdHasBeenSet = true; m_assumedRoleId.assign(value); }
inline AssumedRoleUser& WithAssumedRoleId(const Aws::String& value) { SetAssumedRoleId(value); return *this;}
inline AssumedRoleUser& WithAssumedRoleId(Aws::String&& value) { SetAssumedRoleId(std::move(value)); return *this;}
inline AssumedRoleUser& WithAssumedRoleId(const char* value) { SetAssumedRoleId(value); return *this;}
///@}
///@{
/**
* <p>The ARN of the temporary security credentials that are returned from the
* <a>AssumeRole</a> action. For more information about ARNs and how to use them in
* policies, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html">IAM
* Identifiers</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::String& GetArn() const{ return m_arn; }
inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
inline AssumedRoleUser& WithArn(const Aws::String& value) { SetArn(value); return *this;}
inline AssumedRoleUser& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
inline AssumedRoleUser& WithArn(const char* value) { SetArn(value); return *this;}
///@}
private:
Aws::String m_assumedRoleId;
bool m_assumedRoleIdHasBeenSet = false;
Aws::String m_arn;
bool m_arnHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

115
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/Credentials.h Normal file
View File

@@ -0,0 +1,115 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/DateTime.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Amazon Web Services credentials for API authentication.</p><p><h3>See
* Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/Credentials">AWS API
* Reference</a></p>
*/
class Credentials
{
public:
AWS_STS_API Credentials();
AWS_STS_API Credentials(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API Credentials& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
/**
* <p>The access key ID that identifies the temporary security credentials.</p>
*/
inline const Aws::String& GetAccessKeyId() const{ return m_accessKeyId; }
inline bool AccessKeyIdHasBeenSet() const { return m_accessKeyIdHasBeenSet; }
inline void SetAccessKeyId(const Aws::String& value) { m_accessKeyIdHasBeenSet = true; m_accessKeyId = value; }
inline void SetAccessKeyId(Aws::String&& value) { m_accessKeyIdHasBeenSet = true; m_accessKeyId = std::move(value); }
inline void SetAccessKeyId(const char* value) { m_accessKeyIdHasBeenSet = true; m_accessKeyId.assign(value); }
inline Credentials& WithAccessKeyId(const Aws::String& value) { SetAccessKeyId(value); return *this;}
inline Credentials& WithAccessKeyId(Aws::String&& value) { SetAccessKeyId(std::move(value)); return *this;}
inline Credentials& WithAccessKeyId(const char* value) { SetAccessKeyId(value); return *this;}
///@}
///@{
/**
* <p>The secret access key that can be used to sign requests.</p>
*/
inline const Aws::String& GetSecretAccessKey() const{ return m_secretAccessKey; }
inline bool SecretAccessKeyHasBeenSet() const { return m_secretAccessKeyHasBeenSet; }
inline void SetSecretAccessKey(const Aws::String& value) { m_secretAccessKeyHasBeenSet = true; m_secretAccessKey = value; }
inline void SetSecretAccessKey(Aws::String&& value) { m_secretAccessKeyHasBeenSet = true; m_secretAccessKey = std::move(value); }
inline void SetSecretAccessKey(const char* value) { m_secretAccessKeyHasBeenSet = true; m_secretAccessKey.assign(value); }
inline Credentials& WithSecretAccessKey(const Aws::String& value) { SetSecretAccessKey(value); return *this;}
inline Credentials& WithSecretAccessKey(Aws::String&& value) { SetSecretAccessKey(std::move(value)); return *this;}
inline Credentials& WithSecretAccessKey(const char* value) { SetSecretAccessKey(value); return *this;}
///@}
///@{
/**
* <p>The token that users must pass to the service API to use the temporary
* credentials.</p>
*/
inline const Aws::String& GetSessionToken() const{ return m_sessionToken; }
inline bool SessionTokenHasBeenSet() const { return m_sessionTokenHasBeenSet; }
inline void SetSessionToken(const Aws::String& value) { m_sessionTokenHasBeenSet = true; m_sessionToken = value; }
inline void SetSessionToken(Aws::String&& value) { m_sessionTokenHasBeenSet = true; m_sessionToken = std::move(value); }
inline void SetSessionToken(const char* value) { m_sessionTokenHasBeenSet = true; m_sessionToken.assign(value); }
inline Credentials& WithSessionToken(const Aws::String& value) { SetSessionToken(value); return *this;}
inline Credentials& WithSessionToken(Aws::String&& value) { SetSessionToken(std::move(value)); return *this;}
inline Credentials& WithSessionToken(const char* value) { SetSessionToken(value); return *this;}
///@}
///@{
/**
* <p>The date on which the current credentials expire.</p>
*/
inline const Aws::Utils::DateTime& GetExpiration() const{ return m_expiration; }
inline bool ExpirationHasBeenSet() const { return m_expirationHasBeenSet; }
inline void SetExpiration(const Aws::Utils::DateTime& value) { m_expirationHasBeenSet = true; m_expiration = value; }
inline void SetExpiration(Aws::Utils::DateTime&& value) { m_expirationHasBeenSet = true; m_expiration = std::move(value); }
inline Credentials& WithExpiration(const Aws::Utils::DateTime& value) { SetExpiration(value); return *this;}
inline Credentials& WithExpiration(Aws::Utils::DateTime&& value) { SetExpiration(std::move(value)); return *this;}
///@}
private:
Aws::String m_accessKeyId;
bool m_accessKeyIdHasBeenSet = false;
Aws::String m_secretAccessKey;
bool m_secretAccessKeyHasBeenSet = false;
Aws::String m_sessionToken;
bool m_sessionTokenHasBeenSet = false;
Aws::Utils::DateTime m_expiration;
bool m_expirationHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

60
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/DecodeAuthorizationMessageRequest.h Normal file
View File

@@ -0,0 +1,60 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class DecodeAuthorizationMessageRequest : public STSRequest
{
public:
AWS_STS_API DecodeAuthorizationMessageRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "DecodeAuthorizationMessage"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The encoded message that was returned with the response.</p>
*/
inline const Aws::String& GetEncodedMessage() const{ return m_encodedMessage; }
inline bool EncodedMessageHasBeenSet() const { return m_encodedMessageHasBeenSet; }
inline void SetEncodedMessage(const Aws::String& value) { m_encodedMessageHasBeenSet = true; m_encodedMessage = value; }
inline void SetEncodedMessage(Aws::String&& value) { m_encodedMessageHasBeenSet = true; m_encodedMessage = std::move(value); }
inline void SetEncodedMessage(const char* value) { m_encodedMessageHasBeenSet = true; m_encodedMessage.assign(value); }
inline DecodeAuthorizationMessageRequest& WithEncodedMessage(const Aws::String& value) { SetEncodedMessage(value); return *this;}
inline DecodeAuthorizationMessageRequest& WithEncodedMessage(Aws::String&& value) { SetEncodedMessage(std::move(value)); return *this;}
inline DecodeAuthorizationMessageRequest& WithEncodedMessage(const char* value) { SetEncodedMessage(value); return *this;}
///@}
private:
Aws::String m_encodedMessage;
bool m_encodedMessageHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

73
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/DecodeAuthorizationMessageResult.h Normal file
View File

@@ -0,0 +1,73 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>A document that contains additional information about the authorization
* status of a request from an encoded message that is returned in response to an
* Amazon Web Services request.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessageResponse">AWS
* API Reference</a></p>
*/
class DecodeAuthorizationMessageResult
{
public:
AWS_STS_API DecodeAuthorizationMessageResult();
AWS_STS_API DecodeAuthorizationMessageResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API DecodeAuthorizationMessageResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The API returns a response with the decoded message.</p>
*/
inline const Aws::String& GetDecodedMessage() const{ return m_decodedMessage; }
inline void SetDecodedMessage(const Aws::String& value) { m_decodedMessage = value; }
inline void SetDecodedMessage(Aws::String&& value) { m_decodedMessage = std::move(value); }
inline void SetDecodedMessage(const char* value) { m_decodedMessage.assign(value); }
inline DecodeAuthorizationMessageResult& WithDecodedMessage(const Aws::String& value) { SetDecodedMessage(value); return *this;}
inline DecodeAuthorizationMessageResult& WithDecodedMessage(Aws::String&& value) { SetDecodedMessage(std::move(value)); return *this;}
inline DecodeAuthorizationMessageResult& WithDecodedMessage(const char* value) { SetDecodedMessage(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline DecodeAuthorizationMessageResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline DecodeAuthorizationMessageResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Aws::String m_decodedMessage;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

86
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/FederatedUser.h Normal file
View File

@@ -0,0 +1,86 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Identifiers for the federated user that is associated with the
* credentials.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/FederatedUser">AWS
* API Reference</a></p>
*/
class FederatedUser
{
public:
AWS_STS_API FederatedUser();
AWS_STS_API FederatedUser(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API FederatedUser& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
/**
* <p>The string that identifies the federated user associated with the
* credentials, similar to the unique ID of an IAM user.</p>
*/
inline const Aws::String& GetFederatedUserId() const{ return m_federatedUserId; }
inline bool FederatedUserIdHasBeenSet() const { return m_federatedUserIdHasBeenSet; }
inline void SetFederatedUserId(const Aws::String& value) { m_federatedUserIdHasBeenSet = true; m_federatedUserId = value; }
inline void SetFederatedUserId(Aws::String&& value) { m_federatedUserIdHasBeenSet = true; m_federatedUserId = std::move(value); }
inline void SetFederatedUserId(const char* value) { m_federatedUserIdHasBeenSet = true; m_federatedUserId.assign(value); }
inline FederatedUser& WithFederatedUserId(const Aws::String& value) { SetFederatedUserId(value); return *this;}
inline FederatedUser& WithFederatedUserId(Aws::String&& value) { SetFederatedUserId(std::move(value)); return *this;}
inline FederatedUser& WithFederatedUserId(const char* value) { SetFederatedUserId(value); return *this;}
///@}
///@{
/**
* <p>The ARN that specifies the federated user that is associated with the
* credentials. For more information about ARNs and how to use them in policies,
* see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html">IAM
* Identifiers</a> in the <i>IAM User Guide</i>. </p>
*/
inline const Aws::String& GetArn() const{ return m_arn; }
inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
inline FederatedUser& WithArn(const Aws::String& value) { SetArn(value); return *this;}
inline FederatedUser& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
inline FederatedUser& WithArn(const char* value) { SetArn(value); return *this;}
///@}
private:
Aws::String m_federatedUserId;
bool m_federatedUserIdHasBeenSet = false;
Aws::String m_arn;
bool m_arnHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

62
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetAccessKeyInfoRequest.h Normal file
View File

@@ -0,0 +1,62 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class GetAccessKeyInfoRequest : public STSRequest
{
public:
AWS_STS_API GetAccessKeyInfoRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "GetAccessKeyInfo"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The identifier of an access key.</p> <p>This parameter allows (through its
* regex pattern) a string of characters that can consist of any upper- or
* lowercase letter or digit.</p>
*/
inline const Aws::String& GetAccessKeyId() const{ return m_accessKeyId; }
inline bool AccessKeyIdHasBeenSet() const { return m_accessKeyIdHasBeenSet; }
inline void SetAccessKeyId(const Aws::String& value) { m_accessKeyIdHasBeenSet = true; m_accessKeyId = value; }
inline void SetAccessKeyId(Aws::String&& value) { m_accessKeyIdHasBeenSet = true; m_accessKeyId = std::move(value); }
inline void SetAccessKeyId(const char* value) { m_accessKeyIdHasBeenSet = true; m_accessKeyId.assign(value); }
inline GetAccessKeyInfoRequest& WithAccessKeyId(const Aws::String& value) { SetAccessKeyId(value); return *this;}
inline GetAccessKeyInfoRequest& WithAccessKeyId(Aws::String&& value) { SetAccessKeyId(std::move(value)); return *this;}
inline GetAccessKeyInfoRequest& WithAccessKeyId(const char* value) { SetAccessKeyId(value); return *this;}
///@}
private:
Aws::String m_accessKeyId;
bool m_accessKeyIdHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

66
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetAccessKeyInfoResult.h Normal file
View File

@@ -0,0 +1,66 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
class GetAccessKeyInfoResult
{
public:
AWS_STS_API GetAccessKeyInfoResult();
AWS_STS_API GetAccessKeyInfoResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API GetAccessKeyInfoResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The number used to identify the Amazon Web Services account.</p>
*/
inline const Aws::String& GetAccount() const{ return m_account; }
inline void SetAccount(const Aws::String& value) { m_account = value; }
inline void SetAccount(Aws::String&& value) { m_account = std::move(value); }
inline void SetAccount(const char* value) { m_account.assign(value); }
inline GetAccessKeyInfoResult& WithAccount(const Aws::String& value) { SetAccount(value); return *this;}
inline GetAccessKeyInfoResult& WithAccount(Aws::String&& value) { SetAccount(std::move(value)); return *this;}
inline GetAccessKeyInfoResult& WithAccount(const char* value) { SetAccount(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline GetAccessKeyInfoResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline GetAccessKeyInfoResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Aws::String m_account;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

40
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetCallerIdentityRequest.h Normal file
View File

@@ -0,0 +1,40 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class GetCallerIdentityRequest : public STSRequest
{
public:
AWS_STS_API GetCallerIdentityRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "GetCallerIdentity"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
};
} // namespace Model
} // namespace STS
} // namespace Aws

109
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetCallerIdentityResult.h Normal file
View File

@@ -0,0 +1,109 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains the response to a successful <a>GetCallerIdentity</a> request,
* including information about the entity making the request.</p><p><h3>See
* Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetCallerIdentityResponse">AWS
* API Reference</a></p>
*/
class GetCallerIdentityResult
{
public:
AWS_STS_API GetCallerIdentityResult();
AWS_STS_API GetCallerIdentityResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API GetCallerIdentityResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The unique identifier of the calling entity. The exact value depends on the
* type of entity that is making the call. The values returned are those listed in
* the <b>aws:userid</b> column in the <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable">Principal
* table</a> found on the <b>Policy Variables</b> reference page in the <i>IAM User
* Guide</i>.</p>
*/
inline const Aws::String& GetUserId() const{ return m_userId; }
inline void SetUserId(const Aws::String& value) { m_userId = value; }
inline void SetUserId(Aws::String&& value) { m_userId = std::move(value); }
inline void SetUserId(const char* value) { m_userId.assign(value); }
inline GetCallerIdentityResult& WithUserId(const Aws::String& value) { SetUserId(value); return *this;}
inline GetCallerIdentityResult& WithUserId(Aws::String&& value) { SetUserId(std::move(value)); return *this;}
inline GetCallerIdentityResult& WithUserId(const char* value) { SetUserId(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Web Services account ID number of the account that owns or
* contains the calling entity.</p>
*/
inline const Aws::String& GetAccount() const{ return m_account; }
inline void SetAccount(const Aws::String& value) { m_account = value; }
inline void SetAccount(Aws::String&& value) { m_account = std::move(value); }
inline void SetAccount(const char* value) { m_account.assign(value); }
inline GetCallerIdentityResult& WithAccount(const Aws::String& value) { SetAccount(value); return *this;}
inline GetCallerIdentityResult& WithAccount(Aws::String&& value) { SetAccount(std::move(value)); return *this;}
inline GetCallerIdentityResult& WithAccount(const char* value) { SetAccount(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Web Services ARN associated with the calling entity.</p>
*/
inline const Aws::String& GetArn() const{ return m_arn; }
inline void SetArn(const Aws::String& value) { m_arn = value; }
inline void SetArn(Aws::String&& value) { m_arn = std::move(value); }
inline void SetArn(const char* value) { m_arn.assign(value); }
inline GetCallerIdentityResult& WithArn(const Aws::String& value) { SetArn(value); return *this;}
inline GetCallerIdentityResult& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
inline GetCallerIdentityResult& WithArn(const char* value) { SetArn(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline GetCallerIdentityResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline GetCallerIdentityResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Aws::String m_userId;
Aws::String m_account;
Aws::String m_arn;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

222
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetFederationTokenRequest.h Normal file
View File

@@ -0,0 +1,222 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/sts/model/PolicyDescriptorType.h>
#include <aws/sts/model/Tag.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class GetFederationTokenRequest : public STSRequest
{
public:
AWS_STS_API GetFederationTokenRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "GetFederationToken"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline const Aws::String& GetName() const{ return m_name; }
inline bool NameHasBeenSet() const { return m_nameHasBeenSet; }
inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; }
inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); }
inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); }
inline GetFederationTokenRequest& WithName(const Aws::String& value) { SetName(value); return *this;}
inline GetFederationTokenRequest& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;}
inline GetFederationTokenRequest& WithName(const char* value) { SetName(value); return *this;}
///@}
///@{
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline const Aws::String& GetPolicy() const{ return m_policy; }
inline bool PolicyHasBeenSet() const { return m_policyHasBeenSet; }
inline void SetPolicy(const Aws::String& value) { m_policyHasBeenSet = true; m_policy = value; }
inline void SetPolicy(Aws::String&& value) { m_policyHasBeenSet = true; m_policy = std::move(value); }
inline void SetPolicy(const char* value) { m_policyHasBeenSet = true; m_policy.assign(value); }
inline GetFederationTokenRequest& WithPolicy(const Aws::String& value) { SetPolicy(value); return *this;}
inline GetFederationTokenRequest& WithPolicy(Aws::String&& value) { SetPolicy(std::move(value)); return *this;}
inline GetFederationTokenRequest& WithPolicy(const char* value) { SetPolicy(value); return *this;}
///@}
///@{
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline const Aws::Vector<PolicyDescriptorType>& GetPolicyArns() const{ return m_policyArns; }
inline bool PolicyArnsHasBeenSet() const { return m_policyArnsHasBeenSet; }
inline void SetPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { m_policyArnsHasBeenSet = true; m_policyArns = value; }
inline void SetPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { m_policyArnsHasBeenSet = true; m_policyArns = std::move(value); }
inline GetFederationTokenRequest& WithPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { SetPolicyArns(value); return *this;}
inline GetFederationTokenRequest& WithPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { SetPolicyArns(std::move(value)); return *this;}
inline GetFederationTokenRequest& AddPolicyArns(const PolicyDescriptorType& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(value); return *this; }
inline GetFederationTokenRequest& AddPolicyArns(PolicyDescriptorType&& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(std::move(value)); return *this; }
///@}
///@{
/**
* <p>The duration, in seconds, that the session should last. Acceptable durations
* for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds
* (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained
* using root user credentials are restricted to a maximum of 3,600 seconds (one
* hour). If the specified duration is longer than one hour, the session obtained
* by using root user credentials defaults to one hour.</p>
*/
inline int GetDurationSeconds() const{ return m_durationSeconds; }
inline bool DurationSecondsHasBeenSet() const { return m_durationSecondsHasBeenSet; }
inline void SetDurationSeconds(int value) { m_durationSecondsHasBeenSet = true; m_durationSeconds = value; }
inline GetFederationTokenRequest& WithDurationSeconds(int value) { SetDurationSeconds(value); return *this;}
///@}
///@{
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* cant exceed 128 characters and the values cant exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag keyvalue
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline const Aws::Vector<Tag>& GetTags() const{ return m_tags; }
inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
inline void SetTags(const Aws::Vector<Tag>& value) { m_tagsHasBeenSet = true; m_tags = value; }
inline void SetTags(Aws::Vector<Tag>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
inline GetFederationTokenRequest& WithTags(const Aws::Vector<Tag>& value) { SetTags(value); return *this;}
inline GetFederationTokenRequest& WithTags(Aws::Vector<Tag>&& value) { SetTags(std::move(value)); return *this;}
inline GetFederationTokenRequest& AddTags(const Tag& value) { m_tagsHasBeenSet = true; m_tags.push_back(value); return *this; }
inline GetFederationTokenRequest& AddTags(Tag&& value) { m_tagsHasBeenSet = true; m_tags.push_back(std::move(value)); return *this; }
///@}
private:
Aws::String m_name;
bool m_nameHasBeenSet = false;
Aws::String m_policy;
bool m_policyHasBeenSet = false;
Aws::Vector<PolicyDescriptorType> m_policyArns;
bool m_policyArnsHasBeenSet = false;
int m_durationSeconds;
bool m_durationSecondsHasBeenSet = false;
Aws::Vector<Tag> m_tags;
bool m_tagsHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

105
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetFederationTokenResult.h Normal file
View File

@@ -0,0 +1,105 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/model/Credentials.h>
#include <aws/sts/model/FederatedUser.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains the response to a successful <a>GetFederationToken</a> request,
* including temporary Amazon Web Services credentials that can be used to make
* Amazon Web Services requests. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationTokenResponse">AWS
* API Reference</a></p>
*/
class GetFederationTokenResult
{
public:
AWS_STS_API GetFederationTokenResult();
AWS_STS_API GetFederationTokenResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API GetFederationTokenResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The temporary security credentials, which include an access key ID, a secret
* access key, and a security (or session) token.</p> <p>The size of the
* security token that STS API operations return is not fixed. We strongly
* recommend that you make no assumptions about the maximum size.</p>
*/
inline const Credentials& GetCredentials() const{ return m_credentials; }
inline void SetCredentials(const Credentials& value) { m_credentials = value; }
inline void SetCredentials(Credentials&& value) { m_credentials = std::move(value); }
inline GetFederationTokenResult& WithCredentials(const Credentials& value) { SetCredentials(value); return *this;}
inline GetFederationTokenResult& WithCredentials(Credentials&& value) { SetCredentials(std::move(value)); return *this;}
///@}
///@{
/**
* <p>Identifiers for the federated user associated with the credentials (such as
* <code>arn:aws:sts::123456789012:federated-user/Bob</code> or
* <code>123456789012:Bob</code>). You can use the federated user's ARN in your
* resource-based policies, such as an Amazon S3 bucket policy. </p>
*/
inline const FederatedUser& GetFederatedUser() const{ return m_federatedUser; }
inline void SetFederatedUser(const FederatedUser& value) { m_federatedUser = value; }
inline void SetFederatedUser(FederatedUser&& value) { m_federatedUser = std::move(value); }
inline GetFederationTokenResult& WithFederatedUser(const FederatedUser& value) { SetFederatedUser(value); return *this;}
inline GetFederationTokenResult& WithFederatedUser(FederatedUser&& value) { SetFederatedUser(std::move(value)); return *this;}
///@}
///@{
/**
* <p>A percentage value that indicates the packed size of the session policies and
* session tags combined passed in the request. The request fails if the packed
* size is greater than 100 percent, which means the policies and tags exceeded the
* allowed space.</p>
*/
inline int GetPackedPolicySize() const{ return m_packedPolicySize; }
inline void SetPackedPolicySize(int value) { m_packedPolicySize = value; }
inline GetFederationTokenResult& WithPackedPolicySize(int value) { SetPackedPolicySize(value); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline GetFederationTokenResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline GetFederationTokenResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Credentials m_credentials;
FederatedUser m_federatedUser;
int m_packedPolicySize;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

111
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetSessionTokenRequest.h Normal file
View File

@@ -0,0 +1,111 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class GetSessionTokenRequest : public STSRequest
{
public:
AWS_STS_API GetSessionTokenRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "GetSessionToken"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
///@{
/**
* <p>The duration, in seconds, that the credentials should remain valid.
* Acceptable durations for IAM user sessions range from 900 seconds (15 minutes)
* to 129,600 seconds (36 hours), with 43,200 seconds (12 hours) as the default.
* Sessions for Amazon Web Services account owners are restricted to a maximum of
* 3,600 seconds (one hour). If the duration is longer than one hour, the session
* for Amazon Web Services account owners defaults to one hour.</p>
*/
inline int GetDurationSeconds() const{ return m_durationSeconds; }
inline bool DurationSecondsHasBeenSet() const { return m_durationSecondsHasBeenSet; }
inline void SetDurationSeconds(int value) { m_durationSecondsHasBeenSet = true; m_durationSeconds = value; }
inline GetSessionTokenRequest& WithDurationSeconds(int value) { SetDurationSeconds(value); return *this;}
///@}
///@{
/**
* <p>The identification number of the MFA device that is associated with the IAM
* user who is making the <code>GetSessionToken</code> call. Specify this value if
* the IAM user has a policy that requires MFA authentication. The value is either
* the serial number for a hardware device (such as <code>GAHT12345678</code>) or
* an Amazon Resource Name (ARN) for a virtual device (such as
* <code>arn:aws:iam::123456789012:mfa/user</code>). You can find the device for an
* IAM user by going to the Amazon Web Services Management Console and viewing the
* user's security credentials. </p> <p>The regex used to validate this parameter
* is a string of characters consisting of upper- and lower-case alphanumeric
* characters with no spaces. You can also include underscores or any of the
* following characters: =,.@:/-</p>
*/
inline const Aws::String& GetSerialNumber() const{ return m_serialNumber; }
inline bool SerialNumberHasBeenSet() const { return m_serialNumberHasBeenSet; }
inline void SetSerialNumber(const Aws::String& value) { m_serialNumberHasBeenSet = true; m_serialNumber = value; }
inline void SetSerialNumber(Aws::String&& value) { m_serialNumberHasBeenSet = true; m_serialNumber = std::move(value); }
inline void SetSerialNumber(const char* value) { m_serialNumberHasBeenSet = true; m_serialNumber.assign(value); }
inline GetSessionTokenRequest& WithSerialNumber(const Aws::String& value) { SetSerialNumber(value); return *this;}
inline GetSessionTokenRequest& WithSerialNumber(Aws::String&& value) { SetSerialNumber(std::move(value)); return *this;}
inline GetSessionTokenRequest& WithSerialNumber(const char* value) { SetSerialNumber(value); return *this;}
///@}
///@{
/**
* <p>The value provided by the MFA device, if MFA is required. If any policy
* requires the IAM user to submit an MFA code, specify this value. If MFA
* authentication is required, the user must provide a code when requesting a set
* of temporary security credentials. A user who fails to provide the code receives
* an "access denied" response when requesting resources that require MFA
* authentication.</p> <p>The format for this parameter, as described by its regex
* pattern, is a sequence of six numeric digits.</p>
*/
inline const Aws::String& GetTokenCode() const{ return m_tokenCode; }
inline bool TokenCodeHasBeenSet() const { return m_tokenCodeHasBeenSet; }
inline void SetTokenCode(const Aws::String& value) { m_tokenCodeHasBeenSet = true; m_tokenCode = value; }
inline void SetTokenCode(Aws::String&& value) { m_tokenCodeHasBeenSet = true; m_tokenCode = std::move(value); }
inline void SetTokenCode(const char* value) { m_tokenCodeHasBeenSet = true; m_tokenCode.assign(value); }
inline GetSessionTokenRequest& WithTokenCode(const Aws::String& value) { SetTokenCode(value); return *this;}
inline GetSessionTokenRequest& WithTokenCode(Aws::String&& value) { SetTokenCode(std::move(value)); return *this;}
inline GetSessionTokenRequest& WithTokenCode(const char* value) { SetTokenCode(value); return *this;}
///@}
private:
int m_durationSeconds;
bool m_durationSecondsHasBeenSet = false;
Aws::String m_serialNumber;
bool m_serialNumberHasBeenSet = false;
Aws::String m_tokenCode;
bool m_tokenCodeHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

74
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/GetSessionTokenResult.h Normal file
View File

@@ -0,0 +1,74 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/model/Credentials.h>
#include <aws/sts/model/ResponseMetadata.h>
#include <utility>
namespace Aws
{
template<typename RESULT_TYPE>
class AmazonWebServiceResult;
namespace Utils
{
namespace Xml
{
class XmlDocument;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains the response to a successful <a>GetSessionToken</a> request,
* including temporary Amazon Web Services credentials that can be used to make
* Amazon Web Services requests. </p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionTokenResponse">AWS
* API Reference</a></p>
*/
class GetSessionTokenResult
{
public:
AWS_STS_API GetSessionTokenResult();
AWS_STS_API GetSessionTokenResult(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
AWS_STS_API GetSessionTokenResult& operator=(const Aws::AmazonWebServiceResult<Aws::Utils::Xml::XmlDocument>& result);
///@{
/**
* <p>The temporary security credentials, which include an access key ID, a secret
* access key, and a security (or session) token.</p> <p>The size of the
* security token that STS API operations return is not fixed. We strongly
* recommend that you make no assumptions about the maximum size.</p>
*/
inline const Credentials& GetCredentials() const{ return m_credentials; }
inline void SetCredentials(const Credentials& value) { m_credentials = value; }
inline void SetCredentials(Credentials&& value) { m_credentials = std::move(value); }
inline GetSessionTokenResult& WithCredentials(const Credentials& value) { SetCredentials(value); return *this;}
inline GetSessionTokenResult& WithCredentials(Credentials&& value) { SetCredentials(std::move(value)); return *this;}
///@}
///@{
inline const ResponseMetadata& GetResponseMetadata() const{ return m_responseMetadata; }
inline void SetResponseMetadata(const ResponseMetadata& value) { m_responseMetadata = value; }
inline void SetResponseMetadata(ResponseMetadata&& value) { m_responseMetadata = std::move(value); }
inline GetSessionTokenResult& WithResponseMetadata(const ResponseMetadata& value) { SetResponseMetadata(value); return *this;}
inline GetSessionTokenResult& WithResponseMetadata(ResponseMetadata&& value) { SetResponseMetadata(std::move(value)); return *this;}
///@}
private:
Credentials m_credentials;
ResponseMetadata m_responseMetadata;
};
} // namespace Model
} // namespace STS
} // namespace Aws

68
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/PolicyDescriptorType.h Normal file
View File

@@ -0,0 +1,68 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>A reference to the IAM managed policy that is passed as a session policy for
* a role session or a federated user session.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/PolicyDescriptorType">AWS
* API Reference</a></p>
*/
class PolicyDescriptorType
{
public:
AWS_STS_API PolicyDescriptorType();
AWS_STS_API PolicyDescriptorType(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API PolicyDescriptorType& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
/**
* <p>The Amazon Resource Name (ARN) of the IAM managed policy to use as a session
* policy for the role. For more information about ARNs, see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* <i>Amazon Web Services General Reference</i>.</p>
*/
inline const Aws::String& GetArn() const{ return m_arn; }
inline bool ArnHasBeenSet() const { return m_arnHasBeenSet; }
inline void SetArn(const Aws::String& value) { m_arnHasBeenSet = true; m_arn = value; }
inline void SetArn(Aws::String&& value) { m_arnHasBeenSet = true; m_arn = std::move(value); }
inline void SetArn(const char* value) { m_arnHasBeenSet = true; m_arn.assign(value); }
inline PolicyDescriptorType& WithArn(const Aws::String& value) { SetArn(value); return *this;}
inline PolicyDescriptorType& WithArn(Aws::String&& value) { SetArn(std::move(value)); return *this;}
inline PolicyDescriptorType& WithArn(const char* value) { SetArn(value); return *this;}
///@}
private:
Aws::String m_arn;
bool m_arnHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

85
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/ProvidedContext.h Normal file
View File

@@ -0,0 +1,85 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>Contains information about the provided context. This includes the signed and
* encrypted trusted context assertion and the context provider ARN from which the
* trusted context assertion was generated.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/ProvidedContext">AWS
* API Reference</a></p>
*/
class ProvidedContext
{
public:
AWS_STS_API ProvidedContext();
AWS_STS_API ProvidedContext(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API ProvidedContext& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
/**
* <p>The context provider ARN from which the trusted context assertion was
* generated.</p>
*/
inline const Aws::String& GetProviderArn() const{ return m_providerArn; }
inline bool ProviderArnHasBeenSet() const { return m_providerArnHasBeenSet; }
inline void SetProviderArn(const Aws::String& value) { m_providerArnHasBeenSet = true; m_providerArn = value; }
inline void SetProviderArn(Aws::String&& value) { m_providerArnHasBeenSet = true; m_providerArn = std::move(value); }
inline void SetProviderArn(const char* value) { m_providerArnHasBeenSet = true; m_providerArn.assign(value); }
inline ProvidedContext& WithProviderArn(const Aws::String& value) { SetProviderArn(value); return *this;}
inline ProvidedContext& WithProviderArn(Aws::String&& value) { SetProviderArn(std::move(value)); return *this;}
inline ProvidedContext& WithProviderArn(const char* value) { SetProviderArn(value); return *this;}
///@}
///@{
/**
* <p>The signed and encrypted trusted context assertion generated by the context
* provider. The trusted context assertion is signed and encrypted by Amazon Web
* Services STS.</p>
*/
inline const Aws::String& GetContextAssertion() const{ return m_contextAssertion; }
inline bool ContextAssertionHasBeenSet() const { return m_contextAssertionHasBeenSet; }
inline void SetContextAssertion(const Aws::String& value) { m_contextAssertionHasBeenSet = true; m_contextAssertion = value; }
inline void SetContextAssertion(Aws::String&& value) { m_contextAssertionHasBeenSet = true; m_contextAssertion = std::move(value); }
inline void SetContextAssertion(const char* value) { m_contextAssertionHasBeenSet = true; m_contextAssertion.assign(value); }
inline ProvidedContext& WithContextAssertion(const Aws::String& value) { SetContextAssertion(value); return *this;}
inline ProvidedContext& WithContextAssertion(Aws::String&& value) { SetContextAssertion(std::move(value)); return *this;}
inline ProvidedContext& WithContextAssertion(const char* value) { SetContextAssertion(value); return *this;}
///@}
private:
Aws::String m_providerArn;
bool m_providerArnHasBeenSet = false;
Aws::String m_contextAssertion;
bool m_contextAssertionHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

56
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/ResponseMetadata.h Normal file
View File

@@ -0,0 +1,56 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
class ResponseMetadata
{
public:
AWS_STS_API ResponseMetadata();
AWS_STS_API ResponseMetadata(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API ResponseMetadata& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
inline const Aws::String& GetRequestId() const{ return m_requestId; }
inline bool RequestIdHasBeenSet() const { return m_requestIdHasBeenSet; }
inline void SetRequestId(const Aws::String& value) { m_requestIdHasBeenSet = true; m_requestId = value; }
inline void SetRequestId(Aws::String&& value) { m_requestIdHasBeenSet = true; m_requestId = std::move(value); }
inline void SetRequestId(const char* value) { m_requestIdHasBeenSet = true; m_requestId.assign(value); }
inline ResponseMetadata& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;}
inline ResponseMetadata& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;}
inline ResponseMetadata& WithRequestId(const char* value) { SetRequestId(value); return *this;}
///@}
private:
Aws::String m_requestId;
bool m_requestIdHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws

93
Plugins/GameLiftPlugin/Source/AWSSDK/Include/aws/sts/model/Tag.h Normal file
View File

@@ -0,0 +1,93 @@
/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSStreamFwd.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Xml
{
class XmlNode;
} // namespace Xml
} // namespace Utils
namespace STS
{
namespace Model
{
/**
* <p>You can pass custom key-value pair attributes when you assume a role or
* federate a user. These are called session tags. You can then use the session
* tags to control access to resources. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Tagging
* Amazon Web Services STS Sessions</a> in the <i>IAM User Guide</i>.</p><p><h3>See
* Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/Tag">AWS API
* Reference</a></p>
*/
class Tag
{
public:
AWS_STS_API Tag();
AWS_STS_API Tag(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API Tag& operator=(const Aws::Utils::Xml::XmlNode& xmlNode);
AWS_STS_API void OutputToStream(Aws::OStream& ostream, const char* location, unsigned index, const char* locationValue) const;
AWS_STS_API void OutputToStream(Aws::OStream& oStream, const char* location) const;
///@{
/**
* <p>The key for a session tag.</p> <p>You can pass up to 50 session tags. The
* plain text session tag keys cant exceed 128 characters. For these and
* additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::String& GetKey() const{ return m_key; }
inline bool KeyHasBeenSet() const { return m_keyHasBeenSet; }
inline void SetKey(const Aws::String& value) { m_keyHasBeenSet = true; m_key = value; }
inline void SetKey(Aws::String&& value) { m_keyHasBeenSet = true; m_key = std::move(value); }
inline void SetKey(const char* value) { m_keyHasBeenSet = true; m_key.assign(value); }
inline Tag& WithKey(const Aws::String& value) { SetKey(value); return *this;}
inline Tag& WithKey(Aws::String&& value) { SetKey(std::move(value)); return *this;}
inline Tag& WithKey(const char* value) { SetKey(value); return *this;}
///@}
///@{
/**
* <p>The value for a session tag.</p> <p>You can pass up to 50 session tags. The
* plain text session tag values cant exceed 256 characters. For these and
* additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p>
*/
inline const Aws::String& GetValue() const{ return m_value; }
inline bool ValueHasBeenSet() const { return m_valueHasBeenSet; }
inline void SetValue(const Aws::String& value) { m_valueHasBeenSet = true; m_value = value; }
inline void SetValue(Aws::String&& value) { m_valueHasBeenSet = true; m_value = std::move(value); }
inline void SetValue(const char* value) { m_valueHasBeenSet = true; m_value.assign(value); }
inline Tag& WithValue(const Aws::String& value) { SetValue(value); return *this;}
inline Tag& WithValue(Aws::String&& value) { SetValue(std::move(value)); return *this;}
inline Tag& WithValue(const char* value) { SetValue(value); return *this;}
///@}
private:
Aws::String m_key;
bool m_keyHasBeenSet = false;
Aws::String m_value;
bool m_valueHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws