{-# OPTIONS_GHC -fno-warn-duplicate-exports #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} -- | -- Module : Amazonka.STS -- Copyright : (c) 2013-2021 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- -- Derived from API version @2011-06-15@ of the AWS service descriptions, licensed under Apache 2.0. -- -- Security Token Service -- -- Security Token Service (STS) enables you to request temporary, -- limited-privilege credentials for Identity and Access Management (IAM) -- users or for users that you authenticate (federated users). This guide -- provides descriptions of the STS API. For more information about using -- this service, see -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html Temporary Security Credentials>. module Amazonka.STS ( -- * Service Configuration defaultService, -- * Errors -- $errors -- ** MalformedPolicyDocumentException _MalformedPolicyDocumentException, -- ** InvalidAuthorizationMessageException _InvalidAuthorizationMessageException, -- ** PackedPolicyTooLargeException _PackedPolicyTooLargeException, -- ** RegionDisabledException _RegionDisabledException, -- ** IDPCommunicationErrorException _IDPCommunicationErrorException, -- ** InvalidIdentityTokenException _InvalidIdentityTokenException, -- ** ExpiredTokenException _ExpiredTokenException, -- ** IDPRejectedClaimException _IDPRejectedClaimException, -- * Waiters -- $waiters -- * Operations -- $operations -- ** GetCallerIdentity GetCallerIdentity (GetCallerIdentity'), newGetCallerIdentity, GetCallerIdentityResponse (GetCallerIdentityResponse'), newGetCallerIdentityResponse, -- ** AssumeRole AssumeRole (AssumeRole'), newAssumeRole, AssumeRoleResponse (AssumeRoleResponse'), newAssumeRoleResponse, -- ** GetAccessKeyInfo GetAccessKeyInfo (GetAccessKeyInfo'), newGetAccessKeyInfo, GetAccessKeyInfoResponse (GetAccessKeyInfoResponse'), newGetAccessKeyInfoResponse, -- ** DecodeAuthorizationMessage DecodeAuthorizationMessage (DecodeAuthorizationMessage'), newDecodeAuthorizationMessage, DecodeAuthorizationMessageResponse (DecodeAuthorizationMessageResponse'), newDecodeAuthorizationMessageResponse, -- ** AssumeRoleWithWebIdentity AssumeRoleWithWebIdentity (AssumeRoleWithWebIdentity'), newAssumeRoleWithWebIdentity, AssumeRoleWithWebIdentityResponse (AssumeRoleWithWebIdentityResponse'), newAssumeRoleWithWebIdentityResponse, -- ** GetFederationToken GetFederationToken (GetFederationToken'), newGetFederationToken, GetFederationTokenResponse (GetFederationTokenResponse'), newGetFederationTokenResponse, -- ** GetSessionToken GetSessionToken (GetSessionToken'), newGetSessionToken, GetSessionTokenResponse (GetSessionTokenResponse'), newGetSessionTokenResponse, -- ** AssumeRoleWithSAML AssumeRoleWithSAML (AssumeRoleWithSAML'), newAssumeRoleWithSAML, AssumeRoleWithSAMLResponse (AssumeRoleWithSAMLResponse'), newAssumeRoleWithSAMLResponse, -- * Types -- ** AssumedRoleUser AssumedRoleUser (AssumedRoleUser'), newAssumedRoleUser, -- ** FederatedUser FederatedUser (FederatedUser'), newFederatedUser, -- ** PolicyDescriptorType PolicyDescriptorType (PolicyDescriptorType'), newPolicyDescriptorType, -- ** Tag Tag (Tag'), newTag, ) where import Amazonka.STS.AssumeRole import Amazonka.STS.AssumeRoleWithSAML import Amazonka.STS.AssumeRoleWithWebIdentity import Amazonka.STS.DecodeAuthorizationMessage import Amazonka.STS.GetAccessKeyInfo import Amazonka.STS.GetCallerIdentity import Amazonka.STS.GetFederationToken import Amazonka.STS.GetSessionToken import Amazonka.STS.Lens import Amazonka.STS.Types import Amazonka.STS.Waiters -- $errors -- Error matchers are designed for use with the functions provided by -- <http://hackage.haskell.org/package/lens/docs/Control-Exception-Lens.html Control.Exception.Lens>. -- This allows catching (and rethrowing) service specific errors returned -- by 'STS'. -- $operations -- Some AWS operations return results that are incomplete and require subsequent -- requests in order to obtain the entire result set. The process of sending -- subsequent requests to continue where a previous request left off is called -- pagination. For example, the 'ListObjects' operation of Amazon S3 returns up to -- 1000 objects at a time, and you must send subsequent requests with the -- appropriate Marker in order to retrieve the next page of results. -- -- Operations that have an 'AWSPager' instance can transparently perform subsequent -- requests, correctly setting Markers and other request facets to iterate through -- the entire result set of a truncated API operation. Operations which support -- this have an additional note in the documentation. -- -- Many operations have the ability to filter results on the server side. See the -- individual operation parameters for details. -- $waiters -- Waiters poll by repeatedly sending a request until some remote success condition -- configured by the 'Wait' specification is fulfilled. The 'Wait' specification -- determines how many attempts should be made, in addition to delay and retry strategies.