com.ibm.cloud.objectstorage.auth.profile.internal.securitytoken

Class RoleInfo

java.lang.Object

com.ibm.cloud.objectstorage.auth.profile.internal.securitytoken.RoleInfo

All Implemented Interfaces:

Cloneable

public class RoleInfo
extends Object
implements Cloneable

Constructor Summary

Constructors

Constructor and Description
RoleInfo() Default constructor for RoleInfo object.

Method Summary

Modifier and Type	Method and Description
RoleInfo	clone()
boolean	equals(Object obj)
String	getExternalId() A unique identifier that is used by third parties when assuming roles in their customers' accounts.
AWSCredentialsProvider	getLongLivedCredentialsProvider() Provides the credentials that are used to assume the role.
String	getRoleArn() The Amazon Resource Name (ARN) of the role to assume.
String	getRoleSessionName() An identifier for the assumed role session.
String	getWebIdentityTokenFilePath() Get the absolute path to the JWT file that contains a web identity token.
int	hashCode()
void	setExternalId(String externalId) A unique identifier that is used by third parties when assuming roles in their customers' accounts.
void	setLongLivedCredentialsProvider(AWSCredentialsProvider longLivedCredentialsProvider) Provides the credentials that are used to assume the role.
void	setRoleArn(String roleArn) The Amazon Resource Name (ARN) of the role to assume.
void	setRoleSessionName(String roleSessionName) An identifier for the assumed role session.
void	setWebIdentityTokenFilePath(String webIdentityTokenFilePath) Set the absolute path to the JWT file that contains a web identity token.
String	toString() Returns a string representation of this object; useful for testing and debugging.
RoleInfo	withExternalId(String externalId) A unique identifier that is used by third parties when assuming roles in their customers' accounts.
RoleInfo	withLongLivedCredentials(AWSCredentials longLivedCredentials) Provides the credentials that are used to assume the role.
RoleInfo	withLongLivedCredentialsProvider(AWSCredentialsProvider longLivedCredentialsProvider) Provides the credentials that are used to assume the role.
RoleInfo	withRoleArn(String roleArn) The Amazon Resource Name (ARN) of the role to assume.
RoleInfo	withRoleSessionName(String roleSessionName) An identifier for the assumed role session.
RoleInfo	withWebIdentityTokenFilePath(String webIdentityTokenFilePath) Similar to RoleInfo.setWebIdentityTokenFilePath(String) but returns this for method chaining.

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

RoleInfo

public RoleInfo()

Default constructor for RoleInfo object. Callers should use the setter or fluent setter (with...) methods to initialize the object after creating it.

Method Detail

setRoleArn

public void setRoleArn(String roleArn)

The Amazon Resource Name (ARN) of the role to assume.

Parameters:

roleArn - The Amazon Resource Name (ARN) of the role to assume.

getRoleArn

public String getRoleArn()

The Amazon Resource Name (ARN) of the role to assume.

Returns:

The Amazon Resource Name (ARN) of the role to assume.

withRoleArn

public RoleInfo withRoleArn(String roleArn)

The Amazon Resource Name (ARN) of the role to assume.

Parameters:

roleArn - The Amazon Resource Name (ARN) of the role to assume.

Returns:

Returns a reference to this object so that method calls can be chained together.

setRoleSessionName

public void setRoleSessionName(String roleSessionName)

An identifier for the assumed role session.

Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also used in the ARN of the assumed role principal. This means that subsequent cross-account API requests using the temporary security credentials will expose the role session name to the external account in their CloudTrail logs.

Parameters:

roleSessionName - An identifier for the assumed role session.

Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also used in the ARN of the assumed role principal. This means that subsequent cross-account API requests using the temporary security credentials will expose the role session name to the external account in their CloudTrail logs.

getRoleSessionName

public String getRoleSessionName()

An identifier for the assumed role session.

Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also used in the ARN of the assumed role principal. This means that subsequent cross-account API requests using the temporary security credentials will expose the role session name to the external account in their CloudTrail logs.

Returns:

An identifier for the assumed role session.

Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also used in the ARN of the assumed role principal. This means that subsequent cross-account API requests using the temporary security credentials will expose the role session name to the external account in their CloudTrail logs.

withRoleSessionName

public RoleInfo withRoleSessionName(String roleSessionName)

An identifier for the assumed role session.

Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also used in the ARN of the assumed role principal. This means that subsequent cross-account API requests using the temporary security credentials will expose the role session name to the external account in their CloudTrail logs.

Parameters:

roleSessionName - An identifier for the assumed role session.

Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also used in the ARN of the assumed role principal. This means that subsequent cross-account API requests using the temporary security credentials will expose the role session name to the external account in their CloudTrail logs.

Returns:

Returns a reference to this object so that method calls can be chained together.

setExternalId

public void setExternalId(String externalId)

A unique identifier that is used by third parties when assuming roles in their customers' accounts. For each role that the third party can assume, they should instruct their customers to ensure the role's trust policy checks for the external ID that the third party generated. Each time the third party assumes the role, they should pass the customer's external ID. The external ID is useful in order to help third parties bind a role to the customer who created it. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the Using IAM.

Parameters:

externalId - A unique identifier that is used by third parties when assuming roles in their customers' accounts. For each role that the third party can assume, they should instruct their customers to ensure the role's trust policy checks for the external ID that the third party generated. Each time the third party assumes the role, they should pass the customer's external ID. The external ID is useful in order to help third parties bind a role to the customer who created it. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the Using IAM.

getExternalId

public String getExternalId()

A unique identifier that is used by third parties when assuming roles in their customers' accounts. For each role that the third party can assume, they should instruct their customers to ensure the role's trust policy checks for the external ID that the third party generated. Each time the third party assumes the role, they should pass the customer's external ID. The external ID is useful in order to help third parties bind a role to the customer who created it. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the Using IAM.

Returns:

A unique identifier that is used by third parties when assuming roles in their customers' accounts. For each role that the third party can assume, they should instruct their customers to ensure the role's trust policy checks for the external ID that the third party generated. Each time the third party assumes the role, they should pass the customer's external ID. The external ID is useful in order to help third parties bind a role to the customer who created it. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the Using IAM.

withExternalId

public RoleInfo withExternalId(String externalId)

A unique identifier that is used by third parties when assuming roles in their customers' accounts. For each role that the third party can assume, they should instruct their customers to ensure the role's trust policy checks for the external ID that the third party generated. Each time the third party assumes the role, they should pass the customer's external ID. The external ID is useful in order to help third parties bind a role to the customer who created it. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the Using IAM.

Parameters:

externalId - A unique identifier that is used by third parties when assuming roles in their customers' accounts. For each role that the third party can assume, they should instruct their customers to ensure the role's trust policy checks for the external ID that the third party generated. Each time the third party assumes the role, they should pass the customer's external ID. The external ID is useful in order to help third parties bind a role to the customer who created it. For more information about the external ID, see How to Use an External ID When Granting Access to Your AWS Resources to a Third Party in the Using IAM.

Returns:

Returns a reference to this object so that method calls can be chained together.

setWebIdentityTokenFilePath

public void setWebIdentityTokenFilePath(String webIdentityTokenFilePath)

Set the absolute path to the JWT file that contains a web identity token.

getWebIdentityTokenFilePath

public String getWebIdentityTokenFilePath()

Get the absolute path to the JWT file that contains a web identity token.

Returns:

withWebIdentityTokenFilePath

public RoleInfo withWebIdentityTokenFilePath(String webIdentityTokenFilePath)

Similar to RoleInfo.setWebIdentityTokenFilePath(String) but returns this for method chaining.

setLongLivedCredentialsProvider

public void setLongLivedCredentialsProvider(AWSCredentialsProvider longLivedCredentialsProvider)

Provides the credentials that are used to assume the role.

Parameters:

longLivedCredentialsProvider - long lived credentials provider

getLongLivedCredentialsProvider

public AWSCredentialsProvider getLongLivedCredentialsProvider()

Provides the credentials that are used to assume the role.

Returns:

long lived credentials provider

withLongLivedCredentialsProvider

public RoleInfo withLongLivedCredentialsProvider(AWSCredentialsProvider longLivedCredentialsProvider)

Provides the credentials that are used to assume the role.

Parameters:

longLivedCredentialsProvider - long lived credentials provider

Returns:

Returns a reference to this object so that method calls can be chained together.

withLongLivedCredentials

public RoleInfo withLongLivedCredentials(AWSCredentials longLivedCredentials)

Provides the credentials that are used to assume the role.

Parameters:

longLivedCredentials - long lived credentials

Returns:

Returns a reference to this object so that method calls can be chained together.

toString

public String toString()

Returns a string representation of this object; useful for testing and debugging.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

clone

public RoleInfo clone()

Overrides:

clone in class Object