Copyright	(c) 2013-2018 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None
Language	Haskell2010

Network.AWS.STS.Types

Contents

Service Configuration
Errors
AssumedRoleUser
FederatedUser

Description

Synopsis

sts :: Service
_MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError
_InvalidAuthorizationMessageException :: AsError a => Getting (First ServiceError) a ServiceError
_PackedPolicyTooLargeException :: AsError a => Getting (First ServiceError) a ServiceError
_RegionDisabledException :: AsError a => Getting (First ServiceError) a ServiceError
_IdPCommunicationErrorException :: AsError a => Getting (First ServiceError) a ServiceError
_InvalidIdentityTokenException :: AsError a => Getting (First ServiceError) a ServiceError
_ExpiredTokenException :: AsError a => Getting (First ServiceError) a ServiceError
_IdPRejectedClaimException :: AsError a => Getting (First ServiceError) a ServiceError
data AssumedRoleUser
assumedRoleUser :: Text -> Text -> AssumedRoleUser
aruAssumedRoleId :: Lens' AssumedRoleUser Text
aruARN :: Lens' AssumedRoleUser Text
data FederatedUser
federatedUser :: Text -> Text -> FederatedUser
fuFederatedUserId :: Lens' FederatedUser Text
fuARN :: Lens' FederatedUser Text

Service Configuration

sts :: Service #

API version 2011-06-15 of the Amazon Security Token Service SDK configuration.

Errors

_MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError #

The request was rejected because the policy document was malformed. The error message describes the specific error.

_InvalidAuthorizationMessageException :: AsError a => Getting (First ServiceError) a ServiceError #

The error returned if the message passed to DecodeAuthorizationMessage was invalid. This can happen if the token contains invalid characters, such as linebreaks.

_PackedPolicyTooLargeException :: AsError a => Getting (First ServiceError) a ServiceError #

The request was rejected because the policy document was too large. The error message describes how big the policy document is, in packed form, as a percentage of what the API allows.

_RegionDisabledException :: AsError a => Getting (First ServiceError) a ServiceError #

STS is not activated in the requested region for the account that is being asked to generate credentials. The account administrator must use the IAM console to activate STS in that region. For more information, see Activating and Deactivating AWS STS in an AWS Region in the IAM User Guide .

_IdPCommunicationErrorException :: AsError a => Getting (First ServiceError) a ServiceError #

The request could not be fulfilled because the non-AWS identity provider (IDP) that was asked to verify the incoming identity token could not be reached. This is often a transient error caused by network conditions. Retry the request a limited number of times so that you don't exceed the request rate. If the error persists, the non-AWS identity provider might be down or not responding.

_InvalidIdentityTokenException :: AsError a => Getting (First ServiceError) a ServiceError #

The web identity token that was passed could not be validated by AWS. Get a new identity token from the identity provider and then retry the request.

_ExpiredTokenException :: AsError a => Getting (First ServiceError) a ServiceError #

The web identity token that was passed is expired or is not valid. Get a new identity token from the identity provider and then retry the request.

_IdPRejectedClaimException :: AsError a => Getting (First ServiceError) a ServiceError #

The identity provider (IdP) reported that authentication failed. This might be because the claim is invalid.

If this error is returned for the AssumeRoleWithWebIdentity operation, it can also mean that the claim has expired or has been explicitly revoked.

AssumedRoleUser

data AssumedRoleUser #

The identifiers for the temporary security credentials that the operation returns.

See: assumedRoleUser smart constructor.

Instances

Eq AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods (==) :: AssumedRoleUser -> AssumedRoleUser -> Bool # (/=) :: AssumedRoleUser -> AssumedRoleUser -> Bool #
Data AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> AssumedRoleUser -> c AssumedRoleUser # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c AssumedRoleUser # toConstr :: AssumedRoleUser -> Constr # dataTypeOf :: AssumedRoleUser -> DataType # dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c AssumedRoleUser) # dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c AssumedRoleUser) # gmapT :: (forall b. Data b => b -> b) -> AssumedRoleUser -> AssumedRoleUser # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> AssumedRoleUser -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> AssumedRoleUser -> r # gmapQ :: (forall d. Data d => d -> u) -> AssumedRoleUser -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> AssumedRoleUser -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> AssumedRoleUser -> m AssumedRoleUser # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> AssumedRoleUser -> m AssumedRoleUser # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> AssumedRoleUser -> m AssumedRoleUser #
Read AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods readsPrec :: Int -> ReadS AssumedRoleUser # readList :: ReadS [AssumedRoleUser] # readPrec :: ReadPrec AssumedRoleUser # readListPrec :: ReadPrec [AssumedRoleUser] #
Show AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods showsPrec :: Int -> AssumedRoleUser -> ShowS # show :: AssumedRoleUser -> String # showList :: [AssumedRoleUser] -> ShowS #
Generic AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Associated Types type Rep AssumedRoleUser :: * -> * # Methods from :: AssumedRoleUser -> Rep AssumedRoleUser x # to :: Rep AssumedRoleUser x -> AssumedRoleUser #
Hashable AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods hashWithSalt :: Int -> AssumedRoleUser -> Int # hash :: AssumedRoleUser -> Int #
FromXML AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods parseXML :: [Node] -> Either String AssumedRoleUser #
NFData AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods rnf :: AssumedRoleUser -> () #
type Rep AssumedRoleUser #
Instance details Defined in Network.AWS.STS.Types.Product type Rep AssumedRoleUser = D1 (MetaData "AssumedRoleUser" "Network.AWS.STS.Types.Product" "amazonka-sts-1.6.0-BeUvA717Onu1749eN7mOia" False) (C1 (MetaCons "AssumedRoleUser'" PrefixI True) (S1 (MetaSel (Just "_aruAssumedRoleId") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text) :*: S1 (MetaSel (Just "_aruARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text)))

assumedRoleUser #

Arguments

:: Text	`aruAssumedRoleId`
-> Text	`aruARN`
-> AssumedRoleUser

Creates a value of AssumedRoleUser with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

aruAssumedRoleId - A unique identifier that contains the role ID and the role session name of the role that is being assumed. The role ID is generated by AWS when the role is created.
aruARN - The ARN of the temporary security credentials that are returned from the AssumeRole action. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .

aruAssumedRoleId :: Lens' AssumedRoleUser Text #

A unique identifier that contains the role ID and the role session name of the role that is being assumed. The role ID is generated by AWS when the role is created.

aruARN :: Lens' AssumedRoleUser Text #

The ARN of the temporary security credentials that are returned from the AssumeRole action. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .

FederatedUser

data FederatedUser #

Identifiers for the federated user that is associated with the credentials.

See: federatedUser smart constructor.

Instances

Eq FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods (==) :: FederatedUser -> FederatedUser -> Bool # (/=) :: FederatedUser -> FederatedUser -> Bool #
Data FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> FederatedUser -> c FederatedUser # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c FederatedUser # toConstr :: FederatedUser -> Constr # dataTypeOf :: FederatedUser -> DataType # dataCast1 :: Typeable t => (forall d. Data d => c (t d)) -> Maybe (c FederatedUser) # dataCast2 :: Typeable t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c FederatedUser) # gmapT :: (forall b. Data b => b -> b) -> FederatedUser -> FederatedUser # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> FederatedUser -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> FederatedUser -> r # gmapQ :: (forall d. Data d => d -> u) -> FederatedUser -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> FederatedUser -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> FederatedUser -> m FederatedUser # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> FederatedUser -> m FederatedUser # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> FederatedUser -> m FederatedUser #
Read FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods readsPrec :: Int -> ReadS FederatedUser # readList :: ReadS [FederatedUser] # readPrec :: ReadPrec FederatedUser # readListPrec :: ReadPrec [FederatedUser] #
Show FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods showsPrec :: Int -> FederatedUser -> ShowS # show :: FederatedUser -> String # showList :: [FederatedUser] -> ShowS #
Generic FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Associated Types type Rep FederatedUser :: * -> * # Methods from :: FederatedUser -> Rep FederatedUser x # to :: Rep FederatedUser x -> FederatedUser #
Hashable FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods hashWithSalt :: Int -> FederatedUser -> Int # hash :: FederatedUser -> Int #
FromXML FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods parseXML :: [Node] -> Either String FederatedUser #
NFData FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product Methods rnf :: FederatedUser -> () #
type Rep FederatedUser #
Instance details Defined in Network.AWS.STS.Types.Product type Rep FederatedUser = D1 (MetaData "FederatedUser" "Network.AWS.STS.Types.Product" "amazonka-sts-1.6.0-BeUvA717Onu1749eN7mOia" False) (C1 (MetaCons "FederatedUser'" PrefixI True) (S1 (MetaSel (Just "_fuFederatedUserId") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text) :*: S1 (MetaSel (Just "_fuARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 Text)))

federatedUser #

Arguments

:: Text	`fuFederatedUserId`
-> Text	`fuARN`
-> FederatedUser

Creates a value of FederatedUser with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

fuFederatedUserId - The string that identifies the federated user associated with the credentials, similar to the unique ID of an IAM user.
fuARN - The ARN that specifies the federated user that is associated with the credentials. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .

fuFederatedUserId :: Lens' FederatedUser Text #

The string that identifies the federated user associated with the credentials, similar to the unique ID of an IAM user.

fuARN :: Lens' FederatedUser Text #

The ARN that specifies the federated user that is associated with the credentials. For more information about ARNs and how to use them in policies, see IAM Identifiers in Using IAM .