Cloud Enterprise Object Storage REST API

Search (SHIFT+S)




Assume Role

POST AssumeRole

Returns a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to.


Query Parameters

DurationSecondsThe duration, in seconds, of the role session.
InlineSessionPolicyAn IAM policy in JSON format that you want to use as an inline session policy.
RoleArnThe ARN of the role to assume.
PolicyArnsThe ARNs of the IAM managed policies that you want to use as managed session policies. The policies must exist in the same account as the role.
RoleSessionNameAn identifier for the assumed role session.

Required Roles

This call has no restrictions.


Request Payload

No Request Payload


Response Body

Field Description Type Notes
AssumeRoleResponse
Result    
AssumedRoleUser    
Arn The ARN of the temporary security credentials that are returned from the AssumeRole action. String
AssumedRoleId A unique identifier that contains the role ID and the role session name of the role that is being assumed. The role ID is generated by AWS when the role is created. String
Credentials    
AccessKeyId The access key ID that identifies the temporary security credentials. String
Expiration The date on which the current credentials expire. String
SecretAccessKey The secret access key that can be used to sign requests. String
SessionToken The token that users must pass to the service API to use the temporary credentials. String
PackedPolicySize A percentage value that indicates the packed size of the session policies and session tags combined passed in the request. Integer
ResponseMetadata    
RequestId String

Examples

Request
POST https://192.168.0.0:4443/sts?Action=AssumeRole&RoleSessionName=temp&RoleArn=urn:ecs:iam::s3:role/s3assumeRole&DurationSeconds=7200
Accept: */*
X-SDS-AUTH-TOKEN: <AUTH_TOKEN>
Response
HTTP/1.1 200 OK
Content-Type: application/xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:AssumeRoleResponse xmlns:ns2="none">
  <ResponseMetadata>
    <RequestId>0af7b369:171a31ad5b8:12e3a:b</RequestId>
  </ResponseMetadata>
  <AssumeRoleResult>
    <AssumedRoleUser>
      <Arn>urn:ecs:sts::s3:assumed-role/s3assumeRole/temp</Arn>
      <AssumedRoleId>AROA48AEC87ADCFF133F:temp</AssumedRoleId>
    </AssumedRoleUser>
    <Credentials>
      <AccessKeyId>ASIA48DB3A69C19CFE56</AccessKeyId>
      <Expiration>2020-04-23T19:45:46Z</Expiration>
      <SecretAccessKey>wDvqneW8lyJbu0VRAMU8xQHPKH1hIsYfTyozlVg5znM</SecretAccessKey>
      <SessionToken>CgJzMxIFdXNlcjEaFE0EyQ . . . mi5SBHRlbXBo2sSH9QU</SessionToken>
    </Credentials>
  </AssumeRoleResult>
</ns2:AssumeRoleResponse>