本文整理汇总了Java中com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder类的典型用法代码示例。如果您正苦于以下问题:Java AWSSecurityTokenServiceClientBuilder类的具体用法?Java AWSSecurityTokenServiceClientBuilder怎么用?Java AWSSecurityTokenServiceClientBuilder使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AWSSecurityTokenServiceClientBuilder类属于com.amazonaws.services.securitytoken包,在下文中一共展示了AWSSecurityTokenServiceClientBuilder类的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getS3Client
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
public static AmazonS3 getS3Client(final String region, final String roleArn) {
final Regions awsRegion = StringUtils.isNullOrEmpty(region) ? Regions.US_EAST_1 : Regions.fromName(region);
if (StringUtils.isNullOrEmpty(roleArn)) {
return AmazonS3ClientBuilder.standard().withRegion(awsRegion).build();
} else {
final AssumeRoleRequest assumeRole = new AssumeRoleRequest().withRoleArn(roleArn).withRoleSessionName("io-klerch-mp3-converter");
final AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard().withRegion(awsRegion).build();
final Credentials credentials = sts.assumeRole(assumeRole).getCredentials();
final BasicSessionCredentials sessionCredentials = new BasicSessionCredentials(
credentials.getAccessKeyId(),
credentials.getSecretAccessKey(),
credentials.getSessionToken());
return AmazonS3ClientBuilder.standard().withRegion(awsRegion).withCredentials(new AWSStaticCredentialsProvider(sessionCredentials)).build();
}
}
示例2: buildCredentialsProvider
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
private AWSCredentialsProvider buildCredentialsProvider(final AWSCredentials credentials, final String region, final String assumeRole) {
AWSCredentialsProvider credentialsProvider = new AWSStaticCredentialsProvider(credentials);
if (isNullOrEmpty(assumeRole)) {
return credentialsProvider;
}
else {
// STS requires a region; fall back on the SDK default if not set
String stsRegion;
if (isNullOrEmpty(region)) {
stsRegion = defaultRegion();
}
else {
stsRegion = region;
}
AWSSecurityTokenService securityTokenService = AWSSecurityTokenServiceClientBuilder.standard()
.withRegion(stsRegion)
.withCredentials(credentialsProvider).build();
return new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRole, "nexus-s3-session")
.withStsClient(securityTokenService)
.build();
}
}
示例3: getAccount
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
public static String getAccount(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration) {
AWSSecurityTokenService client = AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(awsCredentialsProvider)
.withClientConfiguration(transformAndVerifyOrThrow(clientConfiguration))
.withRegion(RegionResolver.getRegion())
.build();
GetCallerIdentityRequest request = new GetCallerIdentityRequest();
GetCallerIdentityResult result = client.getCallerIdentity(request);
return result.getAccount();
}
示例4: assumeRole
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
private AWSCredentialsProvider assumeRole(AWSCredentialsProvider longLivedAWSCredentials, ClientConfiguration clientConfiguration, String assumeRoleArn) {
AWSSecurityTokenService client = AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(longLivedAWSCredentials)
.withClientConfiguration(transformAndVerifyOrThrow(clientConfiguration))
.withRegion(RegionResolver.getRegion())
.build();
STSAssumeRoleSessionCredentialsProvider.Builder builder =
new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, "strongbox-cli");
builder.withStsClient(client);
return builder.build();
}
示例5: FederatedUserCredentialsProvider
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
public FederatedUserCredentialsProvider(String region, String bucket) {
tokenService = AWSSecurityTokenServiceClientBuilder
.standard()
.withRegion(region)
.build();
this.bucket = bucket;
this.region = region;
}
示例6: securityTokenService
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
/** Setup {@link AWSSecurityTokenService} client an IAM role to assume is given. */
@Bean
@ConditionalOnMissingBean
@Conditional(STSSetCondition.class)
AWSSecurityTokenService securityTokenService(ZipkinSQSCollectorProperties properties) {
return AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(getDefaultCredentialsProvider(properties))
.withRegion(properties.awsStsRegion)
.build();
}
示例7: securityTokenService
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
/** Setup {@link AWSSecurityTokenService} client an IAM role to assume is given. */
@Bean
@ConditionalOnMissingBean
@Conditional(STSSetCondition.class)
AWSSecurityTokenService securityTokenService(ZipkinKinesisCollectorProperties properties) {
return AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(getDefaultCredentialsProvider(properties))
.withRegion(properties.awsStsRegion)
.build();
}
示例8: securityTokenService
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
private AWSSecurityTokenService securityTokenService(AWSCredentialsProvider credentialsProvider) {
AWSSecurityTokenServiceClientBuilder builder = AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(credentialsProvider);
if (config.stsEndpoint().isPresent()) {
builder.withEndpointConfiguration(
new AwsClientBuilder.EndpointConfiguration(config.getStsEndpoint(), config.getStsRegionName())
);
} else {
builder.withRegion(config.getStsRegionName());
}
return builder.build();
}
示例9: AAWSTest
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
public AAWSTest() {
super();
if (Config.has(Config.Key.IAM_ROLE_ARN)) {
final AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard().withCredentials(new DefaultAWSCredentialsProviderChain()).build();
this.credentialsProvider = new STSAssumeRoleSessionCredentialsProvider.Builder(Config.get(Config.Key.IAM_ROLE_ARN), IAM_SESSION_NAME).withStsClient(sts).build();
} else {
this.credentialsProvider = new DefaultAWSCredentialsProviderChain();
}
this.ec2 = AmazonEC2ClientBuilder.standard().withCredentials(this.credentialsProvider).build();
this.iam = AmazonIdentityManagementClientBuilder.standard().withCredentials(this.credentialsProvider).build();
}
示例10: AAWSTest
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
public AAWSTest() {
super();
if (Config.has(Config.Key.IAM_ROLE_ARN)) {
final AWSSecurityTokenService local = AWSSecurityTokenServiceClientBuilder.standard().withCredentials(new DefaultAWSCredentialsProviderChain()).build();
this.credentialsProvider = new STSAssumeRoleSessionCredentialsProvider.Builder(Config.get(Config.Key.IAM_ROLE_ARN), IAM_SESSION_NAME).withStsClient(local).build();
} else {
this.credentialsProvider = new DefaultAWSCredentialsProviderChain();
}
this.ec2 = AmazonEC2ClientBuilder.standard().withCredentials(this.credentialsProvider).build();
this.route53 = AmazonRoute53ClientBuilder.standard().withCredentials(this.credentialsProvider).build();
this.s3 = AmazonS3ClientBuilder.standard().withCredentials(this.credentialsProvider).build();
this.sts = AWSSecurityTokenServiceClientBuilder.standard().withCredentials(this.credentialsProvider).build();
}
示例11: getSTSCredentialsProvider
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
private AWSCredentialsProvider getSTSCredentialsProvider(AWSCredentialsProvider awsCredentials, String region, String assumeRoleArn) {
AWSSecurityTokenService stsClient = AWSSecurityTokenServiceClientBuilder.standard()
.withRegion(region)
.withCredentials(awsCredentials)
.build();
String roleSessionName = String.format("API_KEY_%[email protected]_%s",
awsCredentials.getCredentials().getAWSAccessKeyId(),
stsClient.getCallerIdentity(new GetCallerIdentityRequest()).getAccount());
LOG.debug("Cross account role session name: " + roleSessionName);
return new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, roleSessionName)
.withStsClient(stsClient)
.build();
}
示例12: assumeRole
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder; //导入依赖的package包/类
/**
* Resolve AWS credentials based on MFA/Assume role
*
* We will assume that if mfa_serial is defined, then role_arn and source_profile also has to be specified.
*
* Please note that Strongbox differ from the AWS CLI in the following:
* AWS CLI: 'Note that configuration variables for using IAM roles can only be in the AWS CLI config file.'
* Strongbox: '--assume-role' can be specified explicitly
*
* https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#using-aws-iam-roles
*/
private AWSCredentials assumeRole(ClientConfiguration clientConfiguration,
ConfigProviderChain configProvider,
ProfileIdentifier profile,
RoleARN roleToAssume) {
Optional<ProfileIdentifier> sourceProfile = configProvider.getSourceProfile(profile);
if (!sourceProfile.isPresent()) {
throw new IllegalStateException(String.format("'%s' must be specified when using '%s' for profile '%s'",
AWSConfigPropertyKey.SOURCE_PROFILE,
AWSConfigPropertyKey.ROLE_ARN,
profile.name));
}
SessionCache sessionCache = new SessionCache(profile, roleToAssume);
Optional<BasicSessionCredentials> cachedCredentials = sessionCache.load();
if (cachedCredentials.isPresent()) {
return cachedCredentials.get();
} else {
AWSCredentialsProvider staticCredentialsProvider = new AWSStaticCredentialsProvider(getStaticCredentials(configProvider, sourceProfile.get()));
AWSSecurityTokenService client = AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(staticCredentialsProvider)
.withClientConfiguration(transformAndVerifyOrThrow(clientConfiguration))
.withRegion(RegionResolver.getRegion())
.build();
String sessionId = String.format("strongbox-cli-session-%s", ZonedDateTime.now().toEpochSecond());
AssumeRoleRequest request = new AssumeRoleRequest();
request.withRoleArn(roleToAssume.toArn())
.withRoleSessionName(sessionId);
Optional<String> mfaSerial = configProvider.getMFASerial(profile);
if (mfaSerial.isPresent()) {
MFAToken mfaToken = mfaTokenSupplier.get();
request.withSerialNumber(mfaSerial.get())
.withTokenCode(mfaToken.value);
}
AssumeRoleResult result = client.assumeRole(request);
Credentials credentials = result.getCredentials();
BasicSessionCredentials basicSessionCredentials = new BasicSessionCredentials(credentials.getAccessKeyId(), credentials.getSecretAccessKey(), credentials.getSessionToken());
sessionCache.save(result.getAssumedRoleUser(),
basicSessionCredentials,
ZonedDateTime.ofInstant(credentials.getExpiration().toInstant(), ZoneId.of("UTC")));
return basicSessionCredentials;
}
}