Class STSAssumeRoleSessionCredentialsProvider.Builder

java.lang.Object
com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider.Builder
Enclosing class:
STSAssumeRoleSessionCredentialsProvider

public static final class STSAssumeRoleSessionCredentialsProvider.Builder extends Object
Provides a builder pattern to avoid combinatorial explosion of the number of parameters that are passed to constructors. The builder introspects which parameters have been set and calls the appropriate constructor.
  • Constructor Details

    • Builder

      public Builder(String roleArn, String roleSessionName)
      Parameters:
      roleArn - Required roleArn parameter used when starting a session
      roleSessionName - Required roleSessionName parameter used when starting a session
  • Method Details

    • withLongLivedCredentials

      public STSAssumeRoleSessionCredentialsProvider.Builder withLongLivedCredentials(AWSCredentials longLivedCredentials)
      Set credentials to use when retrieving session credentials This is not the recommended approach. Instead, consider using the CredentialsProvider field.
      Parameters:
      longLivedCredentials - Credentials used to generate sessions in the assumed role
      Returns:
      the builder itself for chained calls
    • withLongLivedCredentialsProvider

      public STSAssumeRoleSessionCredentialsProvider.Builder withLongLivedCredentialsProvider(AWSCredentialsProvider longLivedCredentialsProvider)
      Set credentials provider to use when retrieving session credentials
      Parameters:
      longLivedCredentialsProvider - A credentials provider used to generate sessions in the assumed role
      Returns:
      the builder itself for chained calls
    • withClientConfiguration

      public STSAssumeRoleSessionCredentialsProvider.Builder withClientConfiguration(ClientConfiguration clientConfiguration)
      Set the client configuration used to create the AWSSecurityTokenService
      Parameters:
      clientConfiguration - ClientConfiguration for the AWSSecurityTokenService client
      Returns:
      the builder itself for chained calls
    • withExternalId

      public STSAssumeRoleSessionCredentialsProvider.Builder withExternalId(String roleExternalId)
      Set the roleExternalId parameter that is used when retrieving session credentials under an assumed role.
      Parameters:
      roleExternalId - An external id used in the service call used to retrieve session credentials
      Returns:
      the builder itself for chained calls
    • withRoleSessionDurationSeconds

      public STSAssumeRoleSessionCredentialsProvider.Builder withRoleSessionDurationSeconds(int roleSessionDurationSeconds)
      Set the roleSessionDurationSeconds that is used when creating a new assumed role session.
      Parameters:
      roleSessionDurationSeconds - The duration for which we want to have an assumed role session to be active.
      Returns:
      the itself for chained calls
    • withServiceEndpoint

      public STSAssumeRoleSessionCredentialsProvider.Builder withServiceEndpoint(String serviceEndpoint)
      Sets the AWS Security Token Service (STS) endpoint where session credentials are retrieved from.

      The default AWS Security Token Service (STS) endpoint ("sts.amazonaws.com") works for all accounts that are not for China (Beijing) region or GovCloud. You only need to change the endpoint to "sts.cn-north-1.amazonaws.com.cn" when you are requesting session credentials for services in China(Beijing) region or "sts.us-gov-west-1.amazonaws.com" for GovCloud.

    • withStsClient

      Sets a preconfigured STS client to use for the credentials provider. A custom client is mutually exclusive to any other client related settings (withClientConfiguration(ClientConfiguration), withLongLivedCredentials(AWSCredentials), withServiceEndpoint(String), etc).
      Parameters:
      sts - Custom STS client to use.
      Returns:
      This object for chained calls.
    • build

      Build the configured provider
      Returns:
      the configured STSAssumeRoleSessionCredentialsProvider