Class STSAssumeRoleSessionCredentialsProvider.Builder

  • Enclosing class:
    STSAssumeRoleSessionCredentialsProvider

    public static final class STSAssumeRoleSessionCredentialsProvider.Builder
    extends Object
    Provides a builder pattern to avoid combinatorial explosion of the number of parameters that are passed to constructors. The builder introspects which parameters have been set and calls the appropriate constructor.
    • Constructor Detail

      • Builder

        public Builder​(String roleArn,
                       String roleSessionName)
        Parameters:
        roleArn - Required roleArn parameter used when starting a session
        roleSessionName - Required roleSessionName parameter used when starting a session
    • Method Detail

      • withLongLivedCredentials

        public STSAssumeRoleSessionCredentialsProvider.Builder withLongLivedCredentials​(AWSCredentials longLivedCredentials)
        Set credentials to use when retrieving session credentials This is not the recommended approach. Instead, consider using the CredentialsProvider field.
        Parameters:
        longLivedCredentials - Credentials used to generate sessions in the assumed role
        Returns:
        the builder itself for chained calls
      • withLongLivedCredentialsProvider

        public STSAssumeRoleSessionCredentialsProvider.Builder withLongLivedCredentialsProvider​(AWSCredentialsProvider longLivedCredentialsProvider)
        Set credentials provider to use when retrieving session credentials
        Parameters:
        longLivedCredentialsProvider - A credentials provider used to generate sessions in the assumed role
        Returns:
        the builder itself for chained calls
      • withClientConfiguration

        public STSAssumeRoleSessionCredentialsProvider.Builder withClientConfiguration​(ClientConfiguration clientConfiguration)
        Set the client configuration used to create the AWSSecurityTokenService
        Parameters:
        clientConfiguration - ClientConfiguration for the AWSSecurityTokenService client
        Returns:
        the builder itself for chained calls
      • withExternalId

        public STSAssumeRoleSessionCredentialsProvider.Builder withExternalId​(String roleExternalId)
        Set the roleExternalId parameter that is used when retrieving session credentials under an assumed role.
        Parameters:
        roleExternalId - An external id used in the service call used to retrieve session credentials
        Returns:
        the builder itself for chained calls
      • withRoleSessionDurationSeconds

        public STSAssumeRoleSessionCredentialsProvider.Builder withRoleSessionDurationSeconds​(int roleSessionDurationSeconds)
        Set the roleSessionDurationSeconds that is used when creating a new assumed role session.
        Parameters:
        roleSessionDurationSeconds - The duration for which we want to have an assumed role session to be active.
        Returns:
        the itself for chained calls
      • withServiceEndpoint

        public STSAssumeRoleSessionCredentialsProvider.Builder withServiceEndpoint​(String serviceEndpoint)
        Sets the AWS Security Token Service (STS) endpoint where session credentials are retrieved from.

        The default AWS Security Token Service (STS) endpoint ("sts.amazonaws.com") works for all accounts that are not for China (Beijing) region or GovCloud. You only need to change the endpoint to "sts.cn-north-1.amazonaws.com.cn" when you are requesting session credentials for services in China(Beijing) region or "sts.us-gov-west-1.amazonaws.com" for GovCloud.