Interface ICoreAmazonSTS

Namespace
Amazon.Runtime.SharedInterfaces
Assembly
AWSSDK.Core.dll

ICoreAmazonSTS is not meant to be used directly. It defines the Security Token Service in terms of basic .NET types so that other services can use it as a runtime dependency. This interface is implemented by the AmazonSecurityTokenServiceClient defined in the AWSSDK.SecurityToken assembly.

public interface ICoreAmazonSTS

Methods

CredentialsFromAssumeRoleAuthentication(string, string, AssumeRoleAWSCredentialsOptions)

This method is used internally to access the Amazon Security Token service within other service assemblies. Please use AmazonSecurityTokenServiceClient to access the Amazon Security Token service instead.

Use Amazon Security Token Service to assume a role. Proxy settings that are required for the HTTPS and STS calls made during the authentication/credential generation process are supported and should have been configured on the STS ClientConfig instance associated with the STS client instance exposing this interface.
AssumeRoleImmutableCredentials CredentialsFromAssumeRoleAuthentication(string roleArn, string roleSessionName, AssumeRoleAWSCredentialsOptions options)

Parameters

roleArn string

The Amazon Resource Name (ARN) of the role to assume.

roleSessionName string

An identifier for the assumed role session.

options AssumeRoleAWSCredentialsOptions

Options to be used in the call to AssumeRole.

Returns

AssumeRoleImmutableCredentials
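
Because this method is internal, application code assumes a role through AmazonSecurityTokenServiceClient instead. The following is an added example, not code from the SDK or its documentation: the class and method names, the sample session policy, the bucket name and the optional proxy parameters are assumptions made for illustration.

```csharp
using System;
using System.Threading.Tasks;
using Amazon.Runtime;
using Amazon.SecurityToken;
using Amazon.SecurityToken.Model;

public static class AssumeRoleExample
{
    // Hypothetical helper; every argument is supplied by the caller.
    public static async Task<SessionAWSCredentials> AssumeScopedRoleAsync(
        string roleArn, string roleSessionName, string externalId,
        string proxyHost = null, int proxyPort = 0)
    {
        // Proxy settings go on the STS ClientConfig, as this page describes.
        var config = new AmazonSecurityTokenServiceConfig();
        if (!string.IsNullOrEmpty(proxyHost))
        {
            config.ProxyHost = proxyHost;
            config.ProxyPort = proxyPort;
        }

        var request = new AssumeRoleRequest
        {
            RoleArn = roleArn,
            // The session name is recorded in CloudTrail; keep it traceable to the caller.
            RoleSessionName = roleSessionName,
            DurationSeconds = 900,    // shortest session lifetime STS accepts
            ExternalId = externalId,  // must match the role's trust policy condition, if it sets one
            // Session policy (constructed sample): effective permissions are the
            // intersection of this document and the role's own policies.
            Policy = @"{""Version"":""2012-10-17"",""Statement"":[{""Effect"":""Allow"","
                   + @"""Action"":""s3:GetObject"",""Resource"":""arn:aws:s3:::example-bucket/*""}]}"
        };

        using (var sts = new AmazonSecurityTokenServiceClient(config))
        {
            AssumeRoleResponse response = await sts.AssumeRoleAsync(request);
            Credentials c = response.Credentials;
            // Log only the key id and expiry, never SecretAccessKey or SessionToken.
            Console.WriteLine(
                $"Assumed {response.AssumedRoleUser.Arn}, key {c.AccessKeyId}, expires {c.Expiration:u}");
            return new SessionAWSCredentials(c.AccessKeyId, c.SecretAccessKey, c.SessionToken);
        }
    }
}
```

The returned SessionAWSCredentials can be passed to any service client constructor; they stop working when the 900-second session expires, so long-running code has to call the helper again.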

CredentialsFromSAMLAuthentication(string, string, string, TimeSpan, ICredentials)

This method is used internally to access the Amazon Security Token service within other service assemblies. Please use AmazonSecurityTokenServiceClient to access the Amazon Security Token service instead.

Authenticates against a federated identity endpoint supporting SAML and returns temporary AWS credentials for the supplied role.
SAMLImmutableCredentials CredentialsFromSAMLAuthentication(string endpoint, string authenticationType, string roleARN, TimeSpan credentialDuration, ICredentials userCredential)

Parameters

endpoint string

The endpoint for the federated identity provider.

authenticationType string

The authentication type to use (NTLM, Kerberos, etc.).

roleARN string

The ARN of the role the user is to assume following authentication.

credentialDuration TimeSpan

TTL duration for the generated credentials.

userCredential ICredentials

Optional; alternate user credential for authentication. If null, the identity of the current process is used.

Returns

SAMLImmutableCredentials

Generated credential data, including SAML-related information such as subject.

Remarks

Proxy settings that are required for the HTTPS and STS calls made during the authentication/credential generation process are supported and should have been configured on the STS ClientConfig instance associated with the STS client instance exposing this interface.