Copyright	(c) 2013-2018 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None
Language	Haskell2010

Network.AWS.STS.Types

Contents

Service Configuration
Errors
AssumedRoleUser
FederatedUser

Description

Synopsis

sts :: Service
_MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError
_InvalidAuthorizationMessageException :: AsError a => Getting (First ServiceError) a ServiceError
_PackedPolicyTooLargeException :: AsError a => Getting (First ServiceError) a ServiceError
_RegionDisabledException :: AsError a => Getting (First ServiceError) a ServiceError
_IdPCommunicationErrorException :: AsError a => Getting (First ServiceError) a ServiceError
_InvalidIdentityTokenException :: AsError a => Getting (First ServiceError) a ServiceError
_ExpiredTokenException :: AsError a => Getting (First ServiceError) a ServiceError
_IdPRejectedClaimException :: AsError a => Getting (First ServiceError) a ServiceError
data AssumedRoleUser
assumedRoleUser :: Text -> Text -> AssumedRoleUser
aruAssumedRoleId :: Lens' AssumedRoleUser Text
aruARN :: Lens' AssumedRoleUser Text
data FederatedUser
federatedUser :: Text -> Text -> FederatedUser
fuFederatedUserId :: Lens' FederatedUser Text
fuARN :: Lens' FederatedUser Text

Service Configuration

sts :: Service Source #

API version 2011-06-15 of the Amazon Security Token Service SDK configuration.

Errors

_MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The request was rejected because the policy document was malformed. The error message describes the specific error.

_InvalidAuthorizationMessageException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks.

_PackedPolicyTooLargeException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The request was rejected because the policy document was too large. The error message describes how big the policy document is, in packed form, as a percentage of what the API allows.

_RegionDisabledException :: AsError a => Getting (First ServiceError) a ServiceError Source #

STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see Activating and Deactivating AWS STS in an AWS Region in the IAM User Guide .

_IdPCommunicationErrorException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The request could not be fulfilled because the non-AWS identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the non-AWS identity provider might be down or not responding.

_InvalidIdentityTokenException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The web identity token that was passed could not be validated by AWS. Get a new identity token from the identity provider and then retry the request.

_ExpiredTokenException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.

_IdPRejectedClaimException :: AsError a => Getting (First ServiceError) a ServiceError Source #

The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid.

If this error is returned for the AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired or has been explicitly revoked.

AssumedRoleUser

data AssumedRoleUser Source #

The identifiers for the temporary security credentials that the operation returns.

See: assumedRoleUser smart constructor.

Instances

Eq AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods (==) :: AssumedRoleUser -> AssumedRoleUser -> Bool # (/=) :: AssumedRoleUser -> AssumedRoleUser -> Bool #
Data AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> AssumedRoleUser -> c AssumedRoleUser # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c AssumedRoleUser # toConstr :: AssumedRoleUser -> Constr # dataTypeOf :: AssumedRoleUser -> DataType # dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c AssumedRoleUser) # dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c AssumedRoleUser) # gmapT :: (forall b. Data b => b -> b) -> AssumedRoleUser -> AssumedRoleUser # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> AssumedRoleUser -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> AssumedRoleUser -> r # gmapQ :: (forall d. Data d => d -> u) -> AssumedRoleUser -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> AssumedRoleUser -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> AssumedRoleUser -> m AssumedRoleUser # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> AssumedRoleUser -> m AssumedRoleUser # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> AssumedRoleUser -> m AssumedRoleUser #
Read AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods readsPrec :: Int -> ReadS AssumedRoleUser # readList :: ReadS [AssumedRoleUser] # readPrec :: ReadPrec AssumedRoleUser # readListPrec :: ReadPrec [AssumedRoleUser] #
Show AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods showsPrec :: Int -> AssumedRoleUser -> ShowS # show :: AssumedRoleUser -> String # showList :: [AssumedRoleUser] -> ShowS #
Generic AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Associated Types type Rep AssumedRoleUser :: Type -> Type # Methods from :: AssumedRoleUser -> Rep AssumedRoleUser x # to :: Rep AssumedRoleUser x -> AssumedRoleUser #
Hashable AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods hashWithSalt :: Int -> AssumedRoleUser -> Int # hash :: AssumedRoleUser -> Int #
FromXML AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods parseXML :: [Node] -> Either String AssumedRoleUser #
NFData AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods rnf :: AssumedRoleUser -> () #
type Rep AssumedRoleUser Source #
Instance details Defined in Network.AWS.STS.Types.Product type Rep AssumedRoleUser = D1 (MetaData "AssumedRoleUser" "Network.AWS.STS.Types.Product" "amazonka-sts-1.6.1-5Tc7J8ytaMRDXzYhL3lzRG" False) (C1 (MetaCons "AssumedRoleUser'" PrefixI True) (S1 (MetaSel (Just "_aruAssumedRoleId") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text) :*: S1 (MetaSel (Just "_aruARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text)))

assumedRoleUser Source #

Arguments

:: Text	`aruAssumedRoleId`
-> Text	`aruARN`
-> AssumedRoleUser

Creates a value of AssumedRoleUser with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

aruAssumedRoleId - A unique identifier that contains the role ID and the role session name of the role that is being assumed. The role ID is generated by AWS when the role is created.
aruARN - The ARN of the temporary security credentials that are returned from the AssumeRole action. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .

aruAssumedRoleId :: Lens' AssumedRoleUser Text Source #

A unique identifier that contains the role ID and the role session name of the role that is being assumed. The role ID is generated by AWS when the role is created.

aruARN :: Lens' AssumedRoleUser Text Source #

The ARN of the temporary security credentials that are returned from the AssumeRole action. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .

FederatedUser

data FederatedUser Source #

Identifiers for the federated user that is associated with the credentials.

See: federatedUser smart constructor.

Instances

Eq FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods (==) :: FederatedUser -> FederatedUser -> Bool # (/=) :: FederatedUser -> FederatedUser -> Bool #
Data FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> FederatedUser -> c FederatedUser # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c FederatedUser # toConstr :: FederatedUser -> Constr # dataTypeOf :: FederatedUser -> DataType # dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c FederatedUser) # dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c FederatedUser) # gmapT :: (forall b. Data b => b -> b) -> FederatedUser -> FederatedUser # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> FederatedUser -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> FederatedUser -> r # gmapQ :: (forall d. Data d => d -> u) -> FederatedUser -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> FederatedUser -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> FederatedUser -> m FederatedUser # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> FederatedUser -> m FederatedUser # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> FederatedUser -> m FederatedUser #
Read FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods readsPrec :: Int -> ReadS FederatedUser # readList :: ReadS [FederatedUser] # readPrec :: ReadPrec FederatedUser # readListPrec :: ReadPrec [FederatedUser] #
Show FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods showsPrec :: Int -> FederatedUser -> ShowS # show :: FederatedUser -> String # showList :: [FederatedUser] -> ShowS #
Generic FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Associated Types type Rep FederatedUser :: Type -> Type # Methods from :: FederatedUser -> Rep FederatedUser x # to :: Rep FederatedUser x -> FederatedUser #
Hashable FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods hashWithSalt :: Int -> FederatedUser -> Int # hash :: FederatedUser -> Int #
FromXML FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods parseXML :: [Node] -> Either String FederatedUser #
NFData FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product Methods rnf :: FederatedUser -> () #
type Rep FederatedUser Source #
Instance details Defined in Network.AWS.STS.Types.Product type Rep FederatedUser = D1 (MetaData "FederatedUser" "Network.AWS.STS.Types.Product" "amazonka-sts-1.6.1-5Tc7J8ytaMRDXzYhL3lzRG" False) (C1 (MetaCons "FederatedUser'" PrefixI True) (S1 (MetaSel (Just "_fuFederatedUserId") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text) :*: S1 (MetaSel (Just "_fuARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text)))

federatedUser Source #

Arguments

:: Text	`fuFederatedUserId`
-> Text	`fuARN`
-> FederatedUser

Creates a value of FederatedUser with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

fuFederatedUserId - The string that identifies the federated user associated with the credentials, similar to the unique ID of an IAM user.
fuARN - The ARN that specifies the federated user that is associated with the credentials. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .

fuFederatedUserId :: Lens' FederatedUser Text Source #

The string that identifies the federated user associated with the credentials, similar to the unique ID of an IAM user.

fuARN :: Lens' FederatedUser Text Source #

The ARN that specifies the federated user that is associated with the credentials. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .