Skip to main content

ISTSAssumeRoleRequest

Interface in AWS.STS

Interface for AssumeRole requests.

Ancestors

Properties

RoleArn

property RoleArn: TARN

The Amazon Resource Name (ARN) of the role to assume.

RoleSessionName

property RoleSessionName: string

An identifier for the assumed role session.

DurationSeconds

property DurationSeconds: TOptional<Integer>

The duration in seconds of the role session.

Valid range is from 900 seconds (15 minutes) to the maximum session duration for the role. Maximum session durations can range from 1 hour to 12 hours.

ExternalId

property ExternalId: string

A unique identifier that may be required when you assume a role in another account.

Policy

property Policy: string

A JSON string containing an inline IAM session policy.

If Policy is set, the permissions granted to the resulting credentials is an intersection of the role's policy and the policy provided. You cannot use this to grant permissions greater than those allowed by the role identity.

PolicyArns

property PolicyArns: TList<TARN>

List of Amazon Resource Names (ARNs) of IAM managed policies that you want to use as session policies.

PolicyArns are optional. Up to 10 managed policy ARNs can be provided.

SerialNumber

property SerialNumber: string

The identification number of the MFA device that is associated with the user making the AssumeRole call.

Specify this value if MFA authentication is required by the trust policy. The value is either the serial number of a hardware device ot an Amazon Resource Name (ARN) for a virtual device.

SourceIdentity

property SourceIdentity: string

Specify the source identity specified by the principal that is calling AssumeRole.

Tags

property Tags: TList<TAWSTag>

A list of session tags to pass.

Tags are optional. You can pass up to 50 session tags. The plaintext keys can't exceed 128 characters and values can't exceed 256 characters.

TokenCode

property TokenCode: string

The value provided by the MFA device.

Provide this value if the role being assumed requires MFA.

TransitiveTagKeys

property TransitiveTagKeys: TList<string>

A list of keys for session tags that you want to set as transitive.

TransitiveTagKeys are optional. If you choose not to specify transitive tag keys, then no tags will be passed from this session to any subsequent sessions.